Table of Contents
Description of CVE-2024-21216 | Oracle WebLogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attackers with network access via T3, and IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in the takeover of the Oracle WebLogic Server.
Reconnaissance of CVE-2024-21216 | Oracle WebLogic Server.
In this section, we use the online OSINT base tools to find the IPs and Domains that might be vulnerable to CVE-2024-21216 (Oracle WebLogic Server).
Tools such as shodan, Censys, fofa, Hunter.how and zoomeye etc.
Shodan.io
product:"Oracle WebLogic Server"
By using Shodan ALONE we can find more than 5.3K Instances.
Censys.io
"Oracle WebLogic Server"
Fofa.info
app="WebLogic-Server"
Hunter.how
product.name="WebLogic Server"
ZoomEYE.hk
app:"Oracle WebLogic Server"
Severity of CVE-2024-21216 | Oracle Web logic server takeover.
- CVSS Score: Critical 9.8
- Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploit information
You can find exploit information by visiting the following link
#CVE-2024-21216 Weblogic Remote Code Execution via T3/IIOP pic.twitter.com/Ez8e6TeEgG
— pyn3rd (@pyn3rd) October 16, 2024
