Background
WebLogic is an application server, developed by Oracle Corporation. Basically speaking, WebLogic is also a middleware based on the framework of JAVAEE. It is also a Java application server used to develop, integrate, deploy and manage large distributed web applications, Internet applications and database applications.
Java provides a mechanism for object serialization.n the mechanism, an object can be represented as a sequence of bytes containing information about the object type, the data type, and the data itself. The purpose of the mechanism is to facilitate network transmission or persistent storage.
For more details about vulnerability history can access via the link below:
https://www.cvedetails.com/vulnerability-list/vendor_id-93/product_id-14534/Oracle-Weblogic-Server.html
Vulnerability Risk
Recently, WebLogic deserialization vulnerabilities have been exposed, and the patches which Oracle provided have been found not really supportive to prevent attacks. Hence, the vulnerabilities have been used again and again. Hackers have invaded the WebLogic server and put mining Trojan and ransomware into the server.
In April 2018, 360 Security Center discovered that WebLogic server data were encrypted by two ransomware, Satan and Greystars. We also found some hackers attack WebLogic server with the latest vulnerabilities, CVE-2018-2628 and CVE-2018-2893 for malicious mining. What is more, the number of the attacks are increasing significantly.
Reminder
360 Total Security provides vulnerability intrusion prevention to the users who have installed WebLogic. We would alert our users and provide vulnerability attack protection as soon as we find vulnerability. Because sometimes official patch is released quarterly or users do not patch up their computers frequently, we recommend our users to “Full Check” PC by 360 Total Security regularly to make sure server works in a much safer way.