Aaron Soto

**Name of the Vulnerable Software and Affected Versions** Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.0 **Description** The issue allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle common/modules/com.bea.core.apache.commons.collections.jar. This is due to the lack of input data sanitization measures in the WLS Security component. **Recommendations** For Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.0, consider disabling the deserialization of untrusted data as a temporary workaround until a patch is available. Restrict access to the oracle common/modules/com.bea.core.apache.commons.collections.jar module to minimize the risk of exploitation. Avoid using the T3 protocol with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.