๐ CVE-2015-4852 | Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0 WLS Security com.bea.core.apache.commons.collections.jar command injection (ID 152268 / BID-77539)
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability was found in Oracle WebLogic Server 10.3.6.0/12.1.2.0/12.1.3.0/12.2.1.0. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the file oracle_common/modules/com.bea.core.apache.commons.collections.jar of the component WLS Security Handler. The manipulation leads to command injection. This vulnerability is known as CVE-2015-4852. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to applying a restrictive firewalling. ...