2021-01-02 04:59:06 +00:00
id : CVE-2019-2725
2020-08-16 16:33:49 +00:00
info :
name : Oracle WebLogic Server - Unauthenticated RCE
author : dwisiswant0
severity : critical
2021-02-05 19:44:41 +00:00
tags : cve,cve2019,oracle,weblogic,rce
2021-03-30 12:10:17 +00:00
description : |
Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent : Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
2021-08-18 11:37:49 +00:00
reference :
2021-03-30 12:10:17 +00:00
- https://paper.seebug.org/910/
- https://www.exploit-db.com/exploits/46780/
- https://www.oracle.com/security-alerts/cpujan2020.html
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score : 9.80
cve-id : CVE-2019-2725
cwe-id : CWE-74
2020-08-16 16:33:49 +00:00
requests :
- method : POST
path :
- "{{BaseURL}}/_async/AsyncResponseService"
2021-03-11 17:51:40 +00:00
headers :
Content-Type : application/soap; charset="utf-8"
2020-08-16 16:33:49 +00:00
body : >-
<?xml version="1.0" encoding="UTF-8" ?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ads="http://www.w3.org/2005/08/addressing">
<soapenv:Header></soapenv:Header>
<soapenv:Body></soapenv:Body>
</soapenv:Envelope>
matchers-condition : and
matchers :
- type : word
words :
- "soapenv:Envelope"
part : body
- type : word
words :
- "X-Powered-By: Servlet"
part : header
- type : status
status :
- 200