Remote Code Execution Vulnerability in Oracle WebLogic Server
CVE-2024-21006
Key Information:
- Vendor: Oracle
- Status: Vendor
- CVE Published: 16 April 2024
Summary
CVE-2024-21006 is a vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware, affecting supported versions 12.2.1.4.0 and 14.1.1.0.0. It allows unauthenticated attackers to compromise the server and gain unauthorized access to critical data. The vulnerability is easily exploitable and has a CVSS 3.1 Base Score of 7.5, indicating its significant impact. There are no known exploitations in the wild by ransomware groups at this time. However, affected users should take measures to address this vulnerability as soon as possible to prevent potential unauthorized data access.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
News Articles

SANS ISC Stormcast: Daily Network Security News Summary; Cyber Security Podcast
Daily Cyber Security News Podcast, Author: Dr. Johannes B. Ullrich
ISC StormCast for Wednesday, May 8th, 2024
Detecting XFinity/Comcast DNS Spoofing: https://isc.sans.edu/diary/Detecting%20XFinity%20Comcast%20DNS%20Spoofing/30898
Weblogic PoC CVE-2024-21006: https://pwnull.github.io/2024/oracle%20weblogic%20CVE-2024-21006%20Double-JNDInjection%20RCE%20analyze/ and https://github.com/momika233/CVE-2024-21006
PDF...
Oracle Weblogic Server Flaw Allows Attackers Full Control - PoC Released
A new secondary JNDI injection vulnerability was discovered in a recent version of WebLogic, allowing attackers to trigger JNDI injection.
Timeline
- Public PoC available
- Exploit known to exist
- First article discovered by NSFocus
- Vulnerability published