CVE-2023-21839 – Critical vulnerability in Oracle WebLogic
CVE-2023-21839 is a vulnerability in Oracle WebLogic Server, the enterprise application server used to deploy and manage Java EE applications. A Common Vulnerabilities and Exposures (CVE) identifier is the unique reference assigned to one publicly disclosed security vulnerability.
The flaw is in the Core component of WebLogic Server and is reachable over the T3 and IIOP protocols by an unauthenticated attacker with network access. Oracle fixed it in the January 2023 Critical Patch Update and rates it High (CVSS 3.1 base score 7.5), describing the impact as unauthorized access to critical data or to all data the server can reach. Public proof-of-concept exploits chain it to remote code execution, which is why it is treated as critical here and why CISA later added it to its Known Exploited Vulnerabilities catalog: an exposed T3/IIOP listener on an unpatched server should be assumed compromisable. The affected versions of Oracle WebLogic Server are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
To remediate it, apply the latest WebLogic Patch Set Update (PSU). PSUs are cumulative, so the April 2023 PSU used below also contains the fix first shipped in the January 2023 PSU. Until the patch is on, and as defence in depth afterwards, do not expose T3/IIOP or the administration port to untrusted networks; a WebLogic connection filter can restrict those protocols to known hosts.
Patching Weblogic 12.2.1.4 with PSU April 2023
1. Download OPATCH Patch 28186730: OPATCH 13.9.4.2.12 FOR EM 13.4, 13.5 AND FMW/WLS 12.2.1.3.0, 12.2.1.4.0 AND 14.1.1.0.0
2. Download the WebLogic Server PSU for April 2023, patch 35226999 (the 12.2.1.4.0 release of the PSU)
3. Copy both patch zips to the WebLogic server host (a staging directory such as /u01/patches is used in this guide)
4. Take a backup of the Oracle Home (Middleware home) and of the oraInventory directory. The OPatch update in step 6 cannot be rolled back with OPatch itself, so restoring this backup is the only way to revert
5. Export JAVA_HOME, pointing at the JDK that WebLogic runs on, and shut down all middleware services: every managed server, the AdminServer and Node Manager. OPatch refuses to patch jars that a running JVM has open, so check with ps or pgrep before continuing
6. Update the OPatch using the below command
java -jar <patch_dir>/6880880/opatch_generic.jar -silent oracle_home=/u01/Oracle/Middleware/Oracle_Home
(<patch_dir> is the directory where the OPatch zip from step 1 was unzipped; it extracts into a subdirectory named 6880880)
7. Check the opatch version
./opatch version
OPatch Version: 13.9.4.2.12
8. List the inventory using the below command and note the currently applied PSU (here the October 2021 PSU, 12.2.1.4.210930)
./opatch lsinventory
Patch 33416868 : applied on Sun Dec 26 10:35:11 GST 2021
Unique Patch ID: 24444013
Patch description: "WLS PATCH SET UPDATE 12.2.1.4.210930"
9. Export the ORACLE_HOME where your MiddleWare home is located
export ORACLE_HOME=/u01/Oracle/Middleware/Oracle_Home
10. Export the OPatch path
export PATH=/u01/Oracle/Middleware/Oracle_Home/OPatch:$PATH
11. Go to the patch directory and unzip the WebLogic PSU zip; it extracts into a subdirectory named after the patch number, 35226999
12. Change into the 35226999 directory and apply the patch using the below command (add -silent to skip the interactive confirmation when scripting)
opatch apply
13. Once the patch is applied successfully check inventory again and you will find the below
opatch lsinventory
Patch 35226999 : applied on Mon May 08 14:44:05 GST 2023
Unique Patch ID: 25170306
Patch description: "WLS PATCH SET UPDATE 12.2.1.4.230328"
Created on 28 Mar 2023, 07:59:20 hrs PST8PDT
Bugs fixed:
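The same procedure as a checked, idempotent script. This is an added example and not part of the original post or of any Oracle tooling; it assumes the Oracle Home path used above, a staging directory (PATCH_DIR, default /u01/patches) in which the OPatch zip has been unzipped to 6880880/ and the PSU zip to 35226999/, a backup directory (BACKUP_DIR), and that the oraInventory location can be read from oraInst.loc. The sample inventory text at the top is constructed from the page's own lsinventory output so that the helper functions can be exercised without OPatch installed.

```shell
#!/bin/sh
# Added example: wraps the manual PSU steps above in checks. Not Oracle's code.
# Assumed paths (override via environment): ORACLE_HOME, PATCH_DIR, BACKUP_DIR.
set -eu

ORACLE_HOME="${ORACLE_HOME:-/u01/Oracle/Middleware/Oracle_Home}"
PATCH_DIR="${PATCH_DIR:-/u01/patches}"      # assumed staging dir for the unzipped patches
BACKUP_DIR="${BACKUP_DIR:-/u01/backup}"     # assumed backup location
PSU_ID=35226999                             # WLS PSU 12.2.1.4.230328 (April 2023)
MIN_OPATCH=13.9.4.2.12                      # OPatch level required by the PSU

# Constructed from the page's "opatch lsinventory" output; used only for the self-test.
SAMPLE_INVENTORY='Patch  33416868     : applied on Sun Dec 26 10:35:11 GST 2021
Unique Patch ID:  24444013
Patch description:  "WLS PATCH SET UPDATE 12.2.1.4.210930"'

# version_ge A B: true when dotted version A is >= B, comparing component by component
version_ge() {
  a=$1; b=$2
  while [ -n "$a" ] || [ -n "$b" ]; do
    x=${a%%.*}; y=${b%%.*}
    case $a in *.*) a=${a#*.} ;; *) a= ;; esac
    case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    x=${x:-0}; y=${y:-0}
    [ "$x" -gt "$y" ] && return 0
    [ "$x" -lt "$y" ] && return 1
  done
  return 0
}

# patch_applied ID: reads "opatch lsinventory" text on stdin; true if patch ID is listed as applied
patch_applied() {
  grep -qE "^Patch[[:space:]]+$1[[:space:]]+:[[:space:]]+applied"
}

# inventory_dir: resolve oraInventory from oraInst.loc (Oracle Home copy first, then /etc)
inventory_dir() {
  for f in "$ORACLE_HOME/oraInst.loc" /etc/oraInst.loc; do
    [ -r "$f" ] && sed -n 's/^inventory_loc=//p' "$f" && return 0
  done
  return 1
}

run_patching() {
  : "${JAVA_HOME:?export JAVA_HOME (the JDK WebLogic runs on) before running}"
  [ -d "$ORACLE_HOME" ] || { echo "ORACLE_HOME not found: $ORACLE_HOME" >&2; return 1; }
  # Refuse to patch while any WebLogic JVM is up (standard weblogic.Server main class)
  if pgrep -f weblogic.Server >/dev/null 2>&1; then
    echo "WebLogic JVMs still running; stop managed servers, AdminServer and Node Manager first" >&2
    return 1
  fi
  inv=$(inventory_dir) || { echo "cannot locate oraInventory via oraInst.loc" >&2; return 1; }

  # Step 4: backups are the only rollback path for the OPatch update
  ts=$(date +%Y%m%d%H%M%S)
  mkdir -p "$BACKUP_DIR"
  tar -czf "$BACKUP_DIR/Oracle_Home.$ts.tgz" -C "$(dirname "$ORACLE_HOME")" "$(basename "$ORACLE_HOME")"
  tar -czf "$BACKUP_DIR/oraInventory.$ts.tgz" -C "$(dirname "$inv")" "$(basename "$inv")"

  # Steps 6-10: update OPatch, put it on PATH, enforce the minimum version
  "$JAVA_HOME/bin/java" -jar "$PATCH_DIR/6880880/opatch_generic.jar" -silent oracle_home="$ORACLE_HOME"
  export ORACLE_HOME
  PATH="$ORACLE_HOME/OPatch:$PATH"; export PATH
  ver=$(opatch version | awk '/OPatch Version/{print $3}')
  version_ge "$ver" "$MIN_OPATCH" || { echo "OPatch $ver is older than required $MIN_OPATCH" >&2; return 1; }

  # Steps 11-13: skip if already applied, otherwise apply and verify the inventory
  if opatch lsinventory | patch_applied "$PSU_ID"; then
    echo "PSU $PSU_ID already applied; nothing to do"; return 0
  fi
  ( cd "$PATCH_DIR/$PSU_ID" && opatch apply -silent )
  opatch lsinventory | patch_applied "$PSU_ID" || { echo "PSU $PSU_ID missing from inventory after apply" >&2; return 1; }
  opatch lsinventory | grep -A2 -E "^Patch[[:space:]]+$PSU_ID[[:space:]]+:"
}

# Only perform the patching when explicitly asked; sourcing or testing the file is otherwise side-effect free.
if [ "${1:-}" = "--run" ]; then
  run_patching
fi
```

Run it as `./patch_wls.sh --run` after exporting JAVA_HOME; a second run is a no-op because the inventory already lists 35226999. After the run, start Node Manager, the AdminServer and the managed servers, and confirm from outside the host that T3/IIOP are not reachable from untrusted networks regardless of patch level.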