漏洞类别:Web server
漏洞等级: 
漏洞信息
Oracle WebLogic Server (formerly known as BEA WebLogic Server) is an application server for building and deploying enterprise applications and services.
The Oracle WebLogic Server component in Oracle Fusion Middleware for versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 has fixes for multiple vulnerabilities including Apache Struts (CVE-2016-1181 and CVE-2017-5638) .
Affected Versions:
Oracle WebLogic Server, version(s) 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2
漏洞危害
Successful exploitation could allow an attacker to affect the confidentiality, integrity and availability of data on the target system.
解决方案
The vendor has released patches for these issues. Customers are advised to refer to Oracle CPUAPR2017 for detailed information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
Oracle Critical Patch Update Advisory - April 2017 (Weblogic Server)
0day
文章评论