Warning: Critical Unauthenticated RCE Vulnerability In Oracle WebLogic Server, Patch Immediately!

Published: 18/10/2024

Reference:
Advisory #2024-245

Version:
1.0

Affected software:
Oracle WebLogic Server version 12.2.1.4.0 and 14.1.1.0.0

Type:
Unauthenticated Remote Code Execution

CVE/CVSS:
CVE-2024-21216: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Sources

Oracle: https://www.oracle.com/security-alerts/cpuoct2024.html

Risks

This vulnerability allows an unauthenticated attacker with network access via the T3 or IIOP protocols to compromise the server. A successful attack can lead to a full takeover of the Oracle WebLogic Server, affecting confidentiality, integrity, and availability.

Description

The vulnerability CVE-2024-21216 is a critical security flaw in Oracle WebLogic Server, part of Oracle Fusion Middleware. This vulnerability affects versions 12.2.1.4.0 and 14.1.1.0.0.

The vulnerability has a CVSS 3.1 base score of 9.8, which places it in the critical severity range. It is classified as easily exploitable: the attack requires no privileges and no user interaction, and its complexity is low.

Recommended Actions

Patch

The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.

Monitor/Detect

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/cert/report-incident

While patching appliances or software to the newest version protects against future exploitation, it does not remediate a historic compromise.
