[SingCERT] Alert on Vulnerability in Oracle WebLogic Server (CVE-2018-2893)

Published on Friday, 27 July 2018 11:04


Oracle WebLogic Server (WLS) is a Java Enterprise Edition Application server by Oracle Corporation.

Oracle announced a critical patch update to address a Vulnerability (CVE-2018-2893) found in its WebLogic Server after researchers reported the flaw.  This flaw affects the product’s WLS Core Components subcomponent.

This vulnerability (CVE-2018-2893) has a Common Vulnerability Score System (CVSS) severity base score of 9.8 out of the maximum 10.

Affected Products

The following versions of Oracle WLS are affected:






An unauthenticated attacker with network access via T3* transport protocol using port 7100 could easily exploit this vulnerability to compromise unpatched core components of the Oracle WLS. A successful exploit allows the attacker to execute arbitrary commands remotely to gain elevated privileges, resulting in a takeover of the Oracle WLS.

*T3 is Oracle's proprietary protocol.


•Server owners are advised to apply the Critical Patch Update issued by Oracle in July 2018, especially patches for CVE-2018-2893.

•Server owners who have not applied the patch update may want to block external access to port 7100 on their routers.