QID 150500
Date Published: 2022-04-19
QID 150500: Oracle WebLogic Server Multiple Vulnerabilities (JAN2022)
Oracle WebLogic Server (formerly known as BEA WebLogic Server) is an application server for building and deploying enterprise applications and services.
The Oracle WebLogic Server component in Oracle Fusion Middleware for versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 has fixes for multiple vulnerabilities.
Affected Versions:
Oracle WebLogic Server, version(s) 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0
QID Detection Logic:
The qid sends a "GET console/login/LoginForm.jsp" request to retrieve the WebLogic version installed.
Successful exploitation of these vulnerabilities could allow an unauthenticated attacker to compromise and takeover Oracle WebLogic Server.
- CPUOCTJAN2022 - www.oracle.com/security-alerts/cpujan2022.html
CVEs related to QID 150500
Advisory ID | Software | Component | Link |
---|---|---|---|
CPUJAN2022 | www.oracle.com/security-alerts/cpujan2022.html |