What is Oracle WebLogic?
  Oracle WebLogic is an enterprise
  application server developed by Oracle. According to 6sense.com, the
  application server is used by thousands of companies namely AT&T, NTT
  Data, Verizon, etc.
What is the attack?
The attack targets
  vulnerable Oracle WebLogic Server specifically in Oracle Fusion Middleware. The vulnerability is tracked under CVE-2023-21839 and exploits the flaw that allows unauthorized access to the
  vulnerable servers via T3 and IIOP (Oracle proprietary protocol). The affected
  versions are: 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
 The vulnerability has a CVSS base score of 7.5 and attack
  complexity is rated “low” in the vendor advisory.
Why this is significant?
  On May 1st, 2023, CISA
  (Cybersecurity & Infrastructure Security Agency) added the Oracle
  WebLogic Server vulnerability (CVE-2023-21839) to their Known Exploited
  Vulnerabilities Catalog. Successful exploitation of the vulnerability allows
  unauthenticated attacker to compromise vulnerable Oracle WebLogic Server.
What is the vendor solution?
  Oracle released a critical patch
  last January.
What is the FortiGuard Coverage?
Fortinet customers are protected via FortiGuard IPS – refer to the Outbreak Alert for Oracle WebLogic Server Vulnerability for the full FortiGuard coverage details.
 
					