CVE-2018-2628
Summary
| CVE | CVE-2018-2628 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-04-19 02:29:00 UTC |
| Updated | 2019-04-29 21:01:00 UTC |
| Description | Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). |
Risk And Classification
EPSS: 0.994480000 probability, percentile 0.999380000 (date 2026-07-11)
CISA KEV: Listed on 2022-09-08; due 2022-09-29; ransomware use Unknown
Problem Types: CWE-502
CISA Known Exploited Vulnerability
| Vendor | Oracle |
|---|---|
| Product | WebLogic Server |
| Name | Oracle WebLogic Server Unspecified Vulnerability |
| Required Action | Apply updates per vendor instructions. |
| Notes | https://www.oracle.com/security-alerts/cpuapr2018.html; https://nvd.nist.gov/vuln/detail/CVE-2018-2628 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Oracle | Weblogic Server | 10.3.6.0.0 | All | All | All |
| Application | Oracle | Weblogic Server | 12.1.3.0.0 | All | All | All |
| Application | Oracle | Weblogic Server | 12.2.1.2.0 | All | All | All |
| Application | Oracle | Weblogic Server | 12.2.1.3 | All | All | All |
| Application | Oracle | Weblogic Server | 10.3.6.0.0 | All | All | All |
| Application | Oracle | Weblogic Server | 12.1.3.0.0 | All | All | All |
| Application | Oracle | Weblogic Server | 12.2.1.2.0 | All | All | All |
| Application | Oracle | Weblogic Server | 12.2.1.3 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Oracle Weblogic Server 10.3.6.0 / 12.1.3.0 / 12.2.1.2 / 12.2.1.3 - Deserialization Remote Command Execution - Multiple remote Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| Oracle Critical Patch Update - April 2018 | CONFIRM | www.oracle.com | Patch, Vendor Advisory |
| Oracle WebLogic Server CVE-2018-2628 Remote Security Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) - Multiple remote Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| Oracle Weblogic Server - Deserialization Remote Code Execution (Metasploit) - Windows remote Exploit | EXPLOIT-DB | www.exploit-db.com | Exploit, Third Party Advisory, VDB Entry |
| Oracle WebLogic Server Bug Lets Remote Users Gain Elevated Privileges - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| Page not found · GitHub · GitHub | MISC | github.com | Broken Link |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.