Attacks against recently patched WebLogic security

Enterprise software giant Oracle published an urgent security alert last night, urging companies that run WebLogic servers to install the latest patches the company released in mid-April.

Oracle says it received reports of attempts to exploit CVE-2020-2883, a vulnerability in its WebLogic enterprise product.

WebLogic is a Java-based middleware server that sits between a front-facing application and a database system, rerouting user requests and returning needed data. It is a wildly popular middleware solution, with tens of thousands of servers currently running online.

The CVE-2020-2883 vulnerability is a dangerous bug, which received a 9.8 score out of 10, on the CVSSv3 vulnerability severity scale.

The bug, which was privately reported to Oracle, allows a threat actor to send a malicious payload to a WebLogic server, via its proprietary T3 protocol.

Read more: CCNP Security Certification

The attack takes place when the server receives the data and unpacks (deserializes) it in an unsafe manner that also runs malicious code on the underlying WebLogic core, allowing the hacker to take control over unpatched systems.
Or visit this link or this one