CVE-2016-3510
Oracle WebLogic JBoss Interceptors Deserialization of Untrusted Data Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586.
Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.3.6.0, 12.1.3.0 y 12.2.1.0 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con WLS Core Components, una vulnerabilidad diferente a CVE-2016-3586.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability.
The specific flaw exists in the use of JBoss Interceptors library. By sending a specially crafted request, the application can be made to deserialize untrusted data during the handling of the request. An attacker can leverage this vulnerability to execute arbitrary code under the context of the process.
An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.corba.utils.MarshalledObject) to the interface to execute code on vulnerable hosts.
CVSS Scores
SSVC
- Decision:Attend
Timeline
- 2016-03-17 CVE Reserved
- 2016-07-21 CVE Published
- 2021-08-28 First Exploit
- 2024-09-18 EPSS Updated
- 2024-10-11 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/152324/Oracle-Weblogic-Server-Deserialization-MarshalledObject-Remote-Code-Execution.html | X_refsource_misc |
|
| http://www.securityfocus.com/bid/91787 | Third Party Advisory | |
| http://www.securitytracker.com/id/1036373 | Vdb Entry | |
| https://www.tenable.com/security/research/tra-2016-21 | X_refsource_misc | |
| - |
| URL | Date | SRC |
|---|---|---|
| https://github.com/BabyTeam1024/CVE-2016-3510 | 2021-08-28 |
| URL | Date | SRC |
|---|---|---|
| http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html | 2019-04-01 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Oracle Search vendor "Oracle" | Weblogic Server Search vendor "Oracle" for product "Weblogic Server" | 10.3.6.0.0 Search vendor "Oracle" for product "Weblogic Server" and version "10.3.6.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Weblogic Server Search vendor "Oracle" for product "Weblogic Server" | 12.1.3.0.0 Search vendor "Oracle" for product "Weblogic Server" and version "12.1.3.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Weblogic Server Search vendor "Oracle" for product "Weblogic Server" | 12.2.1.0.0 Search vendor "Oracle" for product "Weblogic Server" and version "12.2.1.0.0" | - |
Affected
| ||||||