漏洞信息(CVE-2017-10271)

一、漏洞 CVE-2017-10271 基础信息

漏洞信息

                                        # N/A

## 漏洞概述
Oracle WebLogic Server 组件中的 WLS Security 子组件存在漏洞，允许未经过身份验证的攻击者利用 T3 协议进行攻击，从而接管 Oracle WebLogic Server。

## 影响版本
- 10.3.6.0.0
- 12.1.3.0.0
- 12.2.1.1.0
- 12.2.1.2.0

## 漏洞细节
此漏洞允许未经过身份验证的远程攻击者通过网络访问 T3 协议进行攻击。成功利用此漏洞可以导致 Oracle WebLogic Server 被完全接管。

## 影响
该漏洞的影响评分是 CVSS 3.0 基础评分为 7.5，主要影响系统可用性。  
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

N/A

来源：美国国家漏洞数据库 NVD

漏洞描述信息

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

来源：美国国家漏洞数据库 NVD

CVSS信息

N/A

来源：美国国家漏洞数据库 NVD

漏洞类别

N/A

来源：美国国家漏洞数据库 NVD

漏洞标题

Oracle Fusion Middleware Oracle WebLogic Server组件安全漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。Oracle WebLogic Server是其中的一个适用于云环境和传统环境的应用服务器组件。 Oracle Fusion Middleware中的Oracle WebLogic Server组件的WLS Security子组件存在安全漏洞。攻击者可利用该漏洞控制组件，影响数据的可用性、保密性和完整性。以下组版本受到影响：Or

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

授权问题

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2017-10271 的公开POC

#	POC 描述	源链接	神龙链接
1	CVE-2017-10271 WEBLOGIC RCE (TESTED)	https://github.com/1337g/CVE-2017-10271	POC详情
2	Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.	https://github.com/s3xy/CVE-2017-10271	POC详情
3	Simplified PoC for Weblogic-CVE-2017-10271	https://github.com/ZH3FENG/PoCs-Weblogic_2017_10271	POC详情
4	WebLogic Exploit	https://github.com/c0mmand3rOpSec/CVE-2017-10271	POC详情
5	CVE-2017-10271 POC	https://github.com/Luffin/CVE-2017-10271	POC详情
6	forked from https://github.com/s3xy/CVE-2017-10271. Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.Modified by hanc00l	https://github.com/cjjduck/weblogic_wls_wsat_rce	POC详情
7	Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)	https://github.com/kkirsche/CVE-2017-10271	POC详情
8	CVE-2017-10271 Weblogic 漏洞验证Poc及补丁	https://github.com/pssss/CVE-2017-10271	POC详情
9	cve-2017-10271 POC	https://github.com/SuperHacker-liuan/cve-2017-10271-poc	POC详情
10	WebLogic wls-wsat RCE CVE-2017-10271	https://github.com/peterpeter228/Oracle-WebLogic-CVE-2017-10271	POC详情
11	WebLogic Honeypot is a low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware. This is a Remote Code Execution vulnerability.	https://github.com/Cymmetria/weblogic_honeypot	POC详情
12	cve-2017-10271	https://github.com/JackyTsuuuy/weblogic_wls_rce_poc-exp	POC详情
13	Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)	https://github.com/R0B1NL1N/Oracle-WebLogic-WLS-WSAT	POC详情
14	None	https://github.com/lonehand/Oracle-WebLogic-CVE-2017-10271-master	POC详情
15	Java反序列化漏洞利用工具V1.0 Java反序列化相关漏洞的检查工具，采用JDK 1.8+NetBeans8.2开发，软件运行必须安装JDK 1.8或者以上版本。支持：weblogic xml反序列化漏洞 CVE-2017-10271/CNVD-C-2019-48814/CVE-2019-2725检查。	https://github.com/shack2/javaserializetools	POC详情
16	针对类似CVE-2017-10271漏洞的一个java反序列化漏洞扫描器	https://github.com/ETOCheney/JavaDeserialization	POC详情
17	Weblogic(CVE-2017-10271)	https://github.com/r4b3rt/CVE-2017-10271	POC详情
18	cve-2017-10271	https://github.com/cved-sources/cve-2017-10271	POC详情
19	Oracle-WebLogic-CVE-2017-10271	https://github.com/XHSecurity/Oracle-WebLogic-CVE-2017-10271	POC详情
20	POC for CVE-2017-10271. Since java.lang.ProcessBuilder was the original vector for RCE, there are multiple signature based rules that block this particular payload. Added java.lang.Runtime and will add others in the future. This is for educational purposes only: I take no responsibility for how you use this code.	https://github.com/kbsec/Weblogic_Wsat_RCE	POC详情
21	CVE-2019-2725poc汇总更新绕过CVE-2017-10271补丁POC	https://github.com/SkyBlueEternal/CNVD-C-2019-48814-CNNVD-201904-961	POC详情
22	WebLogic CNVD-C-2019_48814 CVE-2017-10271	https://github.com/Yuusuke4/WebLogic_CNVD_C_2019_48814	POC详情
23	WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm	https://github.com/7kbstorm/WebLogic_CNVD_C2019_48814	POC详情
24	(CVE-2017-10271)Java反序列化漏洞	https://github.com/ianxtianxt/-CVE-2017-10271-	POC详情
25	CVE-2017-10271	https://github.com/testwc/CVE-2017-10271	POC详情
26	CVE-2017-10271	https://github.com/Al1ex/CVE-2017-10271	POC详情
27	python3 POC for CVE-2019-2729 WebLogic Deserialization Vulnerability and CVE-2017-10271 amongst others	https://github.com/pizza-power/weblogic-CVE-2019-2729-POC	POC详情
28	WebLogic CNVD-C-2019_48814 CVE-2017-10271 Scan By 7kbstorm	https://github.com/KKsdall/7kbstormq	POC详情
29	The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent - WLS Security) is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attackers with network access via T3 to compromise Oracle WebLogic Server.	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-10271.yaml	POC详情
30	None	https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Weblogic%20%2010.3.6%20wls-wsat%20XMLDecoder%20%E5%8F%8D%E5%BA%8F%E5%88%97%E5%8C%96%E6%BC%8F%E6%B4%9E%20CVE-2017-10271.md	POC详情
31	None	https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Weblogic%20XMLDecoder%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2017-10271.md	POC详情
32	Weblogic wls-wsat XMLDecoder deserialization RCE CVE-2019-2725 + org.slf4j.ext.EventData	https://github.com/chaitin/xray-plugins/blob/main/poc/manual/weblogic-cve-2019-2725.yml	POC详情
33	Weblogic wls-wsat XMLDecoder deserialization RCE CVE-2017-10271	https://github.com/chaitin/xray-plugins/blob/main/poc/manual/weblogic-cve-2017-10271.yml	POC详情
34		https://github.com/vulhub/vulhub/blob/master/weblogic/CVE-2017-10271/README.md	POC详情

三、漏洞 CVE-2017-10271 的情报信息

https://github.com/c0mmand3rOpSec/CVE-2017-10271 x_refsource_MISC
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html x_refsource_CONFIRM
https://www.exploit-db.com/exploits/43458/ exploit x_refsource_EXPLOIT-DB
https://www.exploit-db.com/exploits/43924/ exploit x_refsource_EXPLOIT-DB
http://www.securityfocus.com/bid/101304 vdb-entry x_refsource_BID
http://www.securitytracker.com/id/1039608 vdb-entry x_refsource_SECTRACK
https://nvd.nist.gov/vuln/detail/CVE-2017-10271

一、 漏洞 CVE-2017-10271 基础信息

漏洞信息

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2017-10271 的公开POC

三、漏洞 CVE-2017-10271 的情报信息

一、漏洞 CVE-2017-10271 基础信息