CVE-2017-10271

CVSS 7.5 HIGH · EPSS 100.0% · KEV · CWE-306
In short

Oracle WebLogic Server has a security flaw that allows attackers to crash or disable the server without needing a password. An attacker only needs network access to exploit it, making this a serious threat.

Technical detail

Unauthenticated remote code execution vulnerability in Oracle WebLogic Server (versions 10.3.6, 12.1.3, 12.2.1.1, 12.2.1.2) accessible via T3 protocol without authentication or user interaction. Successful exploitation results in denial of service with high availability impact; the vulnerability exists in the WLS Security subcomponent due to missing authentication controls (CWE-306).

Summary generated and translated by AI from the official description, which reads:

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Public PoCs found: 34
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.