All Products
Document Center

[Vulnerability notice] CVE-2017-3248: Deserialization vulnerability in WebLogic

Last Updated: Apr 08, 2018

It was revealed that the patch to fix the deserialization vulnerability may be bypassed in the well-known web middleware WebLogic. After installation, the patch is bypassed and remote command execution attacks occur. This vulnerability brings high security risks. Oracle officially released the latest patch in a timely manner to fix the vulnerability. We recommend that you perform self-check and upgrade immediately.

See the following for more information about the vulnerability.

CVE identifier


Vulnerability name

WebLogic deserialization vulnerability

Vulnerability rating


Vulnerability description

The deserialization vulnerability in remote command execution is detected in Oracle WebLogic Server,,, and A malicious attacker can remotely run commands by constructing malicious request packets to obtain system permissions, which brings serious security risks.

Condition and method of exploitation

Remote exploitation

Affected scope

  • WebLogic
  • WebLogic
  • WebLogic
  • WebLogic

Vulnerability detection

  • Check whether any affected version is used.
  • Check whether WebLogic Port 7001 is open.

How to fix or mitigate

  • The vendor has released the latest patch to fix the vulnerability. We recommend that you install the latest patch immediately.

    Note: The Oracle official patch requires that you have a licensed account to buy genuine software. Use your account to log on to and download the latest patch.

  • Use security group policies to block the intranet and Internet inbound traffic on Port 7001.