[Vulnerability Warning] Oracle WebLogic Remote Code Execution Vulnerability (CVE-2019-2725 Patch Bypass)

2019-06-25 09:59:09
Dear user


On June 15, 2019, it was revealed that Oracle WebLogic had 0day command execution vulnerabilities that attackers can send carefully-constructed malicious HTTP requests. If the command is remotely executed without authorization, the risk is extremely high.


[Vulnerability Rating]

Severe


[Influence Range]

10.3.6.0.0

12.1.3.0.0


[Security Recommendations]

Note: Business may be unavailable due to any one of the following repair methods


1. Delete related components of wls-wsat.war and bea_wls9_async_response and reboot WebLogic, such as bea_wls9_async_response.war, com.oracle.webservices.wls.bea-wls9-async-response_*.war and wls-wsat.war

2. Disable Internet access to paths /_async/* and /wls-wsat/* with Identity and Access Management strategy

3. WebLogic ports are forbidden to access any external address or are allowed to access specific safe ip addresses only through the JD Cloud Security Group


We will focus on successive development. Please pay attention to the official announcement.


JD Cloud team

2019-06-25 09:59:09