WebLogic is an application server produced by Oracle, which is a middleware based on Java EE architecture. It is a Java application server used for developing, integrating, deploying and managing large distributed web applications, network applications and database applications.
Summary
In July, Oracle released an official patch note containing a total of 443 security patches, including a high-risk vulnerability in WebLogic components, CVE-2020-14645. Affected customers are recommended to install the latest official patches as soon as possible.
This vulnerability allows unauthenticated attackers to access the network through IIOP and T3. Unauthenticated attackers who successfully exploit this vulnerability may take over Oracle WebLogic Server.
Impacts
Affected Versions:
Oracle WebLogic Server 12.2.1.4.0
Timeline
July 16, 2020 Sangfor FarSight Labs reproduced this vulnerability successfully, then released a security bulletin.
Remediation Solution
The latest patch released by Oracle has fixed this vulnerability. Please download it from the official website: https://www.oracle.com/security-alerts/cpuapr2020.html.
Sangfor Solution
For Sangfor NGAF customers, keep NGAF security protection rules up to date.
Sangfor Cloud WAF has automatically updated its database in the cloud. Those users are already protected from this vulnerability without needing to perform any additional operations.
Sangfor Cyber Command is capable of detecting attacks which exploit this vulnerability and can alert users in real time. Users can correlate Cyber Command to Sangfor NGAF to block an attacker's IP address.
Sangfor SOC makes sure that Sangfor security specialists are available 24/7 to you for any security issue. Sangfor security experts scan the customer's network environment in the first place to ensure that the customer's host is free from this vulnerability. For users with vulnerabilities, we reviewed and updated device policies to ensure protection capability against this vulnerability.