Remote Code Execution Vulnerability in Oracle WebLogic Server
CVE-2024-21006

7.5HIGH

Key Information:

Vendor
Oracle
Vendor
CVE Published:
16 April 2024

Badges

๐Ÿ‘พ Exploit Exists๐ŸŸก Public PoC๐Ÿ“ฐ News Worthy

Summary

CVE-2024-21006 is a vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware, affecting supported versions 12.2.1.4.0 and 14.1.1.0.0. It allows unauthenticated attackers to compromise the server and gain unauthorized access to critical data. The vulnerability is easily exploitable and has a CVSS 3.1 Base Score of 7.5, indicating its significant impact. There are no known exploitations in the wild by ransomware groups at this time. However, affected users should take measures to address this vulnerability as soon as possible to prevent potential unauthorized data access.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

News Articles

SANS ISC Stormcast: Daily Network Security News Summary; Cyber Security Podcast

Daily Cyber Security News Podcast, Author: Dr. Johannes B. Ullrich

ISC StormCast for Wednesday, May 8th, 2024

Detecting XFinity/Comcast DNS Spoofing https://isc.sans.edu/diary/Detecting%20XFinity%20Comcast%20DNS%20Spoofing/30898 Weblogic PoC CVE-2024-21006 https://pwnull.github.io/2024/oracle%20weblogic%20CVE-2024-21006%20Double-JNDInjection%20RCE%20analyze/ https://github.com/momika233/CVE-2024-21006 PDF...

Oracle Weblogic Server Flaw Allows Attackers Full Control - PoC Released

A new secondary JNDI injection vulnerability was discovered in a recent version of WebLogic, allowing attackers to trigger JNDI injection

References

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by NSFocus

  • Vulnerability published

.