CVE-2015-4852
CRITICAL
9,8
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high
HIGH
7,5
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: none
Confidentiality: partial
Integrity: partial
Availability: partial
Description
AI Translation Available
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
EPSS (Exploit Prediction Scoring System)
Trend Analysis
EPSS (Exploit Prediction Scoring System)
Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.
EPSS Score
0,9246
Percentile
1,0th
Updated
EPSS Score Trend (Last 90 Days)
502
Deserialization of Untrusted Data
DraftCommon Consequences
Security Scopes Affected:
Integrity
Availability
Other
Potential Impacts:
Modify Application Data
Unexpected State
Dos: Resource Consumption (Cpu)
Varies By Context
Applicable Platforms
Languages:
Java, JavaScript, PHP, Python, Ruby
Technologies:
AI/ML, ICS/OT, Not Technology-Specific
Exploit
Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote …
Oracle WebLogic Server 10.3.6.0 - Java Deserialization Remote Code Execution
View Exploit Code →
Exploit
Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote …
Websphere/JBoss/OpenNMS/Symantec Endpoint Protection Manager - Java Deserialization Remote Code Execution
View Exploit Code →
Exploit
Oracle Weblogic Server Deserialization RCE - Raw Object …
Verified Metasploit Framework (MSF)Oracle Weblogic Server Deserialization RCE - Raw Object (Metasploit)
View Exploit Code →
Application
Weblogic Server by Oracle
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:weblogic_server:12.1.2.0.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Virtual Desktop Infrastructure by Oracle
Version Range Affected
To
3.5.2
(inclusive)
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Weblogic Server by Oracle
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Weblogic Server by Oracle
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Weblogic Server by Oracle
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application
Storagetek Tape Analytics Sw Tool by Oracle
CPE Identifier
View Detailed Analysis
cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015…
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins…
http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserializat…
https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852
https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py
https://www.exploit-db.com/exploits/42806/
https://www.exploit-db.com/exploits/46628/
http://www.openwall.com/lists/oss-security/2015/11/17/19
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.h…
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.securityfocus.com/bid/77539
http://www.securitytracker.com/id/1038292
http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins…
http://packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserializat…
https://blogs.oracle.com/security/entry/security_alert_cve_2015_4852
https://github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.py
https://www.exploit-db.com/exploits/42806/
https://www.exploit-db.com/exploits/46628/
http://www.openwall.com/lists/oss-security/2015/11/17/19
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.h…
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.securityfocus.com/bid/77539
http://www.securitytracker.com/id/1038292