SERVER-WEBAPP -- Snort has detected traffic exploiting vulnerabilities in web based applications on servers.
SERVER-WEBAPP Oracle WebLogic Server potential precursor to keystore attack attempt
This event is generated when an unauthenticated exploit attempt against an internal Oracle WebLogic Server occurs. Impact: Attempted Information Leak Details: Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Ease of Attack: Simple, a proof of concept is available online.
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-2894 |
Loading description
|
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
