Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2015-4852 | First vendor Publication | 2015-11-18 |
Vendor | Cve | Last vendor Modification | 2023-12-21 |
Security-Database Scoring CVSS v3
Cvss vector : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | |||
---|---|---|---|
Overall CVSS Score | 9.8 | ||
Base Score | 9.8 | Environmental Score | 9.8 |
impact SubScore | 5.9 | Temporal Score | 9.8 |
Exploitabality Sub Score | 3.9 | ||
Attack Vector | Network | Attack Complexity | Low |
Privileges Required | None | User Interaction | None |
Scope | Unchanged | Confidentiality Impact | High |
Integrity Impact | High | Availability Impact | High |
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4852 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-502 | Deserialization of Untrusted Data |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 4 |
SAINT Exploits
Description | Link |
---|---|
Oracle WebLogic Apache Commons library deserialization vulnerability | More info here |
Snort® IPS/IDS
Date | Description |
---|---|
2016-03-29 | Java Library CommonsCollection unauthorized serialized object attempt RuleID : 37860 - Revision : 5 - Type : SERVER-WEBAPP |
2016-03-29 | Java Library CommonsCollection unauthorized serialized object attempt RuleID : 37859 - Revision : 6 - Type : SERVER-WEBAPP |
2016-03-14 | Java Library CommonsCollection unauthorized serialized object attempt RuleID : 36826 - Revision : 11 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2017-07-21 | Name : An application running on the remote web server is affected by multiple vulne... File : oracle_primavera_gateway_cpu_jul_2017.nasl - Type : ACT_GATHER_INFO |
2017-05-02 | Name : A web application running on the remote host is affected by a remote code exe... File : cisco_security_java_deser.nasl - Type : ACT_ATTACK |
2017-05-02 | Name : A network management system running on the remote host is affected by a remot... File : cisco_prime_lms_java_deser.nasl - Type : ACT_ATTACK |
2017-01-25 | Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_2_2_1075.nasl - Type : ACT_GATHER_INFO |
2017-01-25 | Name : A web application running on the remote host is affected by a remote code exe... File : mysql_enterprise_monitor_3_1_6_7959.nasl - Type : ACT_GATHER_INFO |
2017-01-25 | Name : A web application running on the remote host is affected by multiple vulnerab... File : mysql_enterprise_monitor_3_1_5_7958.nasl - Type : ACT_GATHER_INFO |
2016-11-17 | Name : A web management application running on the remote host is affected by multip... File : hp_nnmi_console_10_10.nasl - Type : ACT_GATHER_INFO |
2016-10-26 | Name : An application server installed on the remote host is affected by multiple vu... File : oracle_weblogic_server_cpu_oct_2016.nasl - Type : ACT_GATHER_INFO |
2016-10-10 | Name : The remote device is affected by a remote code execution vulnerability. File : cisco_cucm_CSCux34835.nasl - Type : ACT_GATHER_INFO |
2016-08-24 | Name : A web application hosted on the remote web server is affected by a remote cod... File : hp_intelligent_management_center_7_2.nasl - Type : ACT_GATHER_INFO |
2016-07-25 | Name : The remote web server is affected by a remote code execution vulnerability. File : hp_ucmdb_server_cve-2016-4368.nasl - Type : ACT_ATTACK |
2016-07-20 | Name : The Nexus Repository Manager server running on the remote host is affected by... File : sonatype_nexus_deserialization.nasl - Type : ACT_GATHER_INFO |
2016-07-13 | Name : The remote SolarWinds Virtualization Manager server is affected by a remote c... File : solarwinds_virtualization_manager_rmi_deserialization.nasl - Type : ACT_ATTACK |
2016-05-12 | Name : A web-based application running on the remote Windows host is affected by mul... File : coldfusion_win_apsb16-16.nasl - Type : ACT_GATHER_INFO |
2016-05-03 | Name : The remote host has a web application installed that is affected by a remote ... File : oracle_oats_cpu_apr_2016.nasl - Type : ACT_GATHER_INFO |
2016-04-26 | Name : The NetIQ Sentinel server installed on the remote host is affected by multipl... File : netiq_sentinel_7_4_1_0.nasl - Type : ACT_GATHER_INFO |
2016-04-20 | Name : The remote NetIQ Sentinel server is affected by a remote code execution vulne... File : netiq_sentinel_rmi_deserialization.nasl - Type : ACT_ATTACK |
2016-03-23 | Name : The remote host is affected by a remote code execution vulnerability. File : hp_operations_orchestration_hpsbgn03560.nasl - Type : ACT_GATHER_INFO |
2016-03-14 | Name : The remote web server hosts a job scheduling and management system that is af... File : jenkins_1_650.nasl - Type : ACT_GATHER_INFO |
2016-02-29 | Name : The remote web server is affected by a remote code execution vulnerability. File : jenkins_security247.nasl - Type : ACT_ATTACK |
2016-02-17 | Name : The remote Lexmark Markvision Enterprise server is affected by a remote code ... File : lexmark_markvision_enterprise_2016_1487.nasl - Type : ACT_ATTACK |
2016-02-08 | Name : A security management application installed on the remote Windows host is aff... File : mcafee_epo_sb10144.nasl - Type : ACT_GATHER_INFO |
2016-02-03 | Name : The remote host is affected by a remote code execution vulnerability. File : hp_operations_manager_for_win_CVE-2016-1985_local.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote host has a virtualization application installed that is affected b... File : vmware_orchestrator_vmsa_2015_0009.nasl - Type : ACT_GATHER_INFO |
2016-01-06 | Name : The remote host has a virtualization appliance installed that is affected by ... File : vmware_orchestrator_appliance_vmsa_2015_0009.nasl - Type : ACT_GATHER_INFO |
2015-12-18 | Name : An application running on the remote host is affected by an arbitrary command... File : symantec_endpoint_prot_mgr_2015_6554.nasl - Type : ACT_ATTACK |
2015-12-17 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL30518307.nasl - Type : ACT_GATHER_INFO |
2015-12-16 | Name : The remote host is running a web application that is affected by a remote cod... File : activemq_5_13_0.nasl - Type : ACT_GATHER_INFO |
2015-12-10 | Name : The remote OpenNMS server is affected by a remote code execution vulnerability. File : opennms_java_serialize.nasl - Type : ACT_ATTACK |
2015-12-10 | Name : The remote JBoss server is affected by multiple remote code execution vulnera... File : jboss_java_serialize.nasl - Type : ACT_ATTACK |
2015-12-02 | Name : The remote WebSphere Application Server is affected by a remote code executio... File : websphere_java_serialize.nasl - Type : ACT_ATTACK |
2015-11-23 | Name : The remote Oracle WebLogic server is affected by a remote code execution vuln... File : weblogic_2015_4852.nasl - Type : ACT_ATTACK |
2015-11-17 | Name : The remote web server is affected by a remote code execution vulnerability. File : jenkins_security218.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2023-12-21 21:28:39 |
|
2021-05-05 01:18:11 |
|
2021-05-04 12:40:33 |
|
2021-04-22 01:49:28 |
|
2020-05-23 13:17:07 |
|
2020-05-23 01:56:07 |
|
2020-05-23 00:45:45 |
|
2019-03-29 00:19:06 |
|
2019-03-28 05:19:02 |
|
2018-10-31 00:20:49 |
|
2018-01-18 21:22:33 |
|
2018-01-11 12:06:33 |
|
2017-11-18 09:22:06 |
|
2017-09-30 09:23:37 |
|
2017-07-11 12:04:19 |
|
2017-04-25 09:23:19 |
|
2016-11-29 00:25:17 |
|
2016-11-02 00:29:40 |
|
2016-10-26 09:22:46 |
|
2016-03-31 05:24:31 |
|
2016-01-22 09:22:27 |
|
2015-12-18 13:27:38 |
|
2015-11-24 21:26:41 |
|
2015-11-24 13:26:45 |
|
2015-11-19 21:24:57 |
|
2015-11-18 21:24:32 |
|