E18-0l7x1
CVSS:
9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
2
Year:
2018
Description
An insecure deserialization vulnerability was found in Oracle WebLogic Server.
The vulnerability is due to insufficient validation of serialized data within T3 requests.
The vulnerability can be exploited by sending a specially crafted serialized object.
Successful exploitation can result in arbitrary code execution in the context of the user running WebLogic.