LR pixel

What is Oracle WebLogic?

Oracle WebLogic is an enterprise
application server developed by Oracle. According to, the
application server is used by thousands of companies namely AT&T, NTT
Data, Verizon, etc.

What is the attack?

The attack targets
vulnerable Oracle WebLogic Server specifically in Oracle Fusion Middleware. The vulnerability is tracked under CVE-2023-21839 and exploits the flaw that allows unauthorized access to the
vulnerable servers via T3 and IIOP (Oracle proprietary protocol). The affected
versions are:, and
The vulnerability has a CVSS base score of 7.5 and attack
complexity is rated “low” in the vendor advisory.

Why this is significant?

On May 1st, 2023, CISA
(Cybersecurity & Infrastructure Security Agency) added the Oracle
WebLogic Server vulnerability (CVE-2023-21839) to their Known Exploited
Vulnerabilities Catalog. Successful exploitation of the vulnerability allows
unauthenticated attacker to compromise vulnerable Oracle WebLogic Server.

What is the vendor solution?

Oracle released a critical patch
last January.

What is the FortiGuard Coverage?

FortiGuard Labs is currently
investigating coverage for CVE-2023-21839.