Intrusion Prevention

Oracle.Weblogic.EJBTaglibDescriptor.XXE

Description

This indicates an attack attempt to exploit an XML External Entity (XXE) injection vulnerability in Oracle WebLogic Server.
A remote attacker could exploit this vulnerability by sending malicious XML data to the target server. Successful exploitation could result in the disclosure of file content on the target machine.

Affected Products

Oracle WebLogic Server 10.3.6
Oracle WebLogic Server 12.1.3
Oracle WebLogic Server 12.2.1.3

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.oracle.com/security-alerts/cpuoct2019.html

CVE References

CVE-2019-2888