← volver
CVE-2019-2725

CVE-2019-2725

CVSS 7.5 HIGHEPSS 100.0%● KEV
En resumen

Un fallo en el componente de Servicios Web del Oracle WebLogic Server permite a los atacantes tomar el control del servidor sin necesidad de iniciar sesión. Un atacante solo necesita acceso a la red a través de HTTP para explotar esta vulnerabilidad.

Detalle técnico

Vulnerabilidad de ejecución remota de código no autenticada en el componente Web Services del Oracle WebLogic Server (versiones 10.3.6.0.0 y 12.1.3.0.0), exploitable a través de HTTP sin autenticación requerida (vector de red, baja complejidad). La explotación exitosa resulta en compromiso total de la confidencialidad, integridad y disponibilidad del servidor.

Resumen generado y traducido por IA a partir de la descripción oficial.
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Oracle Corporation · Tape Library ACSLS
PoCs públicas encontradas24
githubgithub.com/shack2/javaserializetools515githubgithub.com/lufeirider/CVE-2019-2725433githubgithub.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961105githubgithub.com/black-mirror/Weblogic70githubgithub.com/pimps/CVE-2019-272552githubgithub.com/jiansiting/CVE-2019-272535githubgithub.com/lasensio/cve-2019-272521githubgithub.com/kerlingcode/CVE-2019-272511githubgithub.com/zhusx110/cve-2019-27257githubgithub.com/ianxtianxt/CVE-2019-27253githubgithub.com/welove88888/CVE-2019-27252githubgithub.com/leerina/CVE-2019-27252githubgithub.com/ludy-dev/Oracle-WLS-Weblogic-RCE2githubgithub.com/GGyao/weblogic_2019_2725_wls_batch2githubgithub.com/davidmthomsen/CVE-2019-27251githubgithub.com/1stPeak/CVE-2019-2725-environment0githubgithub.com/loursha/Oracle-Weblogic-Server-AsyncResponseService-Deserialization-Remote-Code-Execution-CVE-2019-27250githubgithub.com/peterpeter228/CNTA-2019-0014xCVE-2019-27250githubgithub.com/N0b1e6/CVE-2019-2725-POC0githubgithub.com/CalegariMindSec/Exploit-CVE-2019-27250exploitdbwww.exploit-db.com/exploits/46780no verificadocve_referencewww.exploit-db.com/exploits/46780/no verificadoexploitdbwww.exploit-db.com/exploits/46814no verificadocve_referencepacketstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.htmlno verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/152756/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.htmlhttps://support.f5.com/csp/article/K90059138https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-2725https://www.exploit-db.com/exploits/46780/https://www.oracle.com/security-alerts/alert-cve-2019-2725.html#AppendixFMWhttps://www.oracle.com/security-alerts/cpujan2020.htmlhttp://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlhttp://www.securityfocus.com/bid/108074