CVE-2015-4852

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.0

Description The issue allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle common/modules/com.bea.core.apache.commons.collections.jar. This is due to the lack of input data sanitization measures in the WLS Security component.

Recommendations For Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.0, consider disabling the deserialization of untrusted data as a temporary workaround until a patch is available. Restrict access to the oracle common/modules/com.bea.core.apache.commons.collections.jar module to minimize the risk of exploitation. Avoid using the T3 protocol with untrusted input until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.