SID 1:49945

Report a false positive

Rule Category

SERVER-ORACLE -- Snort has detected traffic exploiting vulnerabilities in Oracle Database Server.

Alert Message

SERVER-ORACLE Oracle WebLogic Server remote command execution attempt

Rule Explanation

This event is generated when traffic that exploits a remote command execution vulnerability in Oracle WebLogic is detected. Impact: High Details: This vulnerability allows an unauthenticated attacker to execute arbitrary commands on a vulnerable system. Ease of Attack: Simple

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2017-10271 CVE-2017-3506 CVE-2019-2725

Additional Links

www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2017-10271
 Loading description
CVE-2017-3506
 Loading description
CVE-2019-2725
 Loading description