¡¾Îó²îͨ¸æ¡¿Oracle WebLogic Server 4Ô¶à¸öÇå¾²Îó²î
Ðû²¼Ê±¼ä 2023-04-19Ò»¡¢Îó²î¸ÅÊö
2023Äê4ÔÂ19ÈÕ£¬£¬£¬¼øºÚµ£±£ÍøVSRC¼à²âµ½OracleÐû²¼ÁË4ÔÂÇå¾²¸üУ¬£¬£¬±¾´Î¸üй²°üÀ¨433¸öÐÂÇå¾²²¹¶¡£¡£¡£¡£¡£¬£¬£¬Éæ¼°Oracle ºÍµÚÈý·½×é¼þÖеÄÎó²î¡£¡£¡£¡£¡£
´Ë´Î¸üÐÂÖй²°üÀ¨49¸öÕë¶Ô Oracle ÈÚºÏÖÐÐļþµÄÇå¾²²¹¶¡£¡£¡£¡£¡£¬£¬£¬ÆäÖÐ 44¸öÎó²îÎÞÐèÉí·ÝÑéÖ¤¼´¿É±»Ô¶³ÌʹÓᣡ£¡£¡£¡£ÆäÖÐÓ°ÏìOracle WebLogic ServerµÄ²¿·ÖÎó²îÈçÏ£º
CVE | ²úÆ· | Éæ¼°×é¼þ | ÐÒé | ÊÇ·ñÔ¶³ÌʹÓà | CVSSÆÀ·Ö | Ó°Ïì¹æÄ£ |
CVE-2023-24998 | Oracle WebLogic Server | Console £¨Apache Commons FileUpload£© | HTTP | ÊÇ | 7.5 | 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 |
CVE-2023-21996 | Oracle WebLogic Server | Web Services | HTTP | ÊÇ | 7.5 | 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 |
CVE-2023-21931 | Oracle WebLogic Server | Core | T3 | ÊÇ | 7.5 | 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 |
CVE-2023-21964 | Oracle WebLogic Server | Core | T3 | ÊÇ | 7.5 | 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 |
CVE-2023-21979 | Oracle WebLogic Server | Core | T3 | ÊÇ | 7.5 | 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 |
CVE-2023-21956 | Oracle WebLogic Server | Web Container | HTTP | ÊÇ | 6.1 | 12.2.1.4.0, 14.1.1.0.0 |
CVE-2023-21960 | Oracle WebLogic Server | Core | HTTP | ÊÇ | 5.6 | 12.2.1.3.0, 12.2.1.4.0 |
CVE-2023-24998£ºOracle WebLogic Server¾Ü¾øÐ§ÀÍÎó²î£¨¸ßΣ£©
Oracle WebLogic ServerÖÐʹÓõÄApache Commons FileUpload°æ±¾1.5֮ǰδÏÞÖÆÒª´¦Öóͷ£µÄÇëÇ󲿷ֵÄÊýÄ¿£¬£¬£¬µ¼Ö¿ÉÒÔͨ¹ý¶ñÒâÉÏ´«»òһϵÁÐÉÏ´«À´´¥·¢¾Ü¾øÐ§ÀÍ¡£¡£¡£¡£¡£
CVE-2023-21996£ºOracle WebLogic Server¾Ü¾øÐ§ÀÍÎó²î£¨¸ßΣ£©
Oracle WebLogic Server £¨×é¼þ£ºWeb Services£©Öб£´æÎó²î£¬£¬£¬Î´¾Éí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔͨ¹ý HTTP ¾ÙÐÐÍøÂç»á¼ûÀ´ÆÆËð Oracle WebLogic Server£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼ÖÂOracle WebLogic Server ¹ÒÆð»òƵÈÔÖØ¸´µÄÍ߽⣨ÍêÈ«DOS£©¡£¡£¡£¡£¡£
CVE-2023-21931£ºOracle WebLogic ServerδÊÚȨ»á¼ûÎó²î£¨¸ßΣ£©
Oracle WebLogic Server£¨×é¼þ£ºCore£©Öб£´æÎó²î£¬£¬£¬Î´¾Éí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔͨ¹ý T3 ¾ÙÐÐÍøÂç»á¼ûÀ´ÆÆËð Oracle WebLogic Server£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼Ö¶ÔÒªº¦Êý¾ÝµÄδÊÚȨ»á¼û»ò¶ÔËùÓÐOracle WebLogic Server¿É»á¼ûÊý¾ÝµÄÍêÈ«»á¼û¡£¡£¡£¡£¡£
CVE-2023-21964£ºOracle WebLogic Server¾Ü¾øÐ§ÀÍÎó²î£¨¸ßΣ£©
Oracle WebLogic Server£¨×é¼þ£ºCore£©Öб£´æÎó²î£¬£¬£¬Î´¾Éí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔͨ¹ý T3 ¾ÙÐÐÍøÂç»á¼ûÀ´ÆÆËð Oracle WebLogic Server£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼ÖÂOracle WebLogic Server ¹ÒÆð»òƵÈÔÖØ¸´µÄÍ߽⣨ÍêÈ«DOS£©¡£¡£¡£¡£¡£
CVE-2023-21979£ºOracle WebLogic Server CoreδÊÚȨ»á¼ûÎó²î£¨¸ßΣ£©
Oracle WebLogic Server£¨×é¼þ£ºCore£©Öб£´æÎó²î£¬£¬£¬Î´¾Éí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔͨ¹ý T3 ¾ÙÐÐÍøÂç»á¼ûÀ´ÆÆËð Oracle WebLogic Server£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î¿ÉÄܵ¼Ö¶ÔÒªº¦Êý¾ÝµÄδÊÚȨ»á¼û»ò¶ÔËùÓÐOracle WebLogic Server¿É»á¼ûÊý¾ÝµÄÍêÈ«»á¼û¡£¡£¡£¡£¡£
CVE-2023-21956£ºOracle WebLogic ServerδÊÚȨ»á¼ûÎó²î£¨ÖÐΣ£©
Oracle WebLogic Server£¨×é¼þ£ºWeb Container£©Öб£´æÎó²î£¬£¬£¬¿ÉÔÚÓû§½»»¥µÄÇéÐÎÏÂʹÓøÃÎó²î¶ÔijЩ Oracle WebLogic Server ¿É»á¼ûÊý¾Ý¾ÙÐÐδ¾ÊÚȨµÄ¸üС¢²åÈë»òɾ³ý²Ù×÷£¬£¬£¬ÒÔ¼°¶Ô Oracle WebLogic Server ¿É»á¼ûÊý¾ÝµÄ×Ó¼¯¾ÙÐÐδ¾ÊÚȨµÄ¶ÁÈ¡»á¼û¡£¡£¡£¡£¡£
CVE-2023-21960£ºOracle WebLogic ServerδÊÚȨ»á¼ûÎó²î£¨ÖÐΣ£©
Oracle WebLogic Serve£¨×é¼þ£ºCore£©Öб£´æÎó²î£¬£¬£¬Î´¾Éí·ÝÑéÖ¤µÄÍþвÕß¿ÉÒÔͨ¹ý HTTP ¾ÙÐÐÍøÂç»á¼ûÀ´ÆÆËð Oracle WebLogic Server£¬£¬£¬ÀÖ³ÉʹÓøÃÎó²î£¨¹¥»÷ÖØÆ¯ºó¸ß£©¿ÉÄܵ¼Ö¶ÔijЩ Oracle WebLogic Server ¿É»á¼ûÊý¾ÝµÄδÊÚȨ»á¼û»ò²Ù×÷£¬£¬£¬ÒÔ¼°¾Ü¾øÐ§À͵ȡ£¡£¡£¡£¡£
¶þ¡¢Ó°Ïì¹æÄ£
Oracle WebLogic Server°æ±¾£º12.2.1.3.0
Oracle WebLogic Server°æ±¾£º12.2.1.4.0
Oracle WebLogic Server°æ±¾£º14.1.1.0.0
Èý¡¢Çå¾²²½·¥
3.1 Éý¼¶°æ±¾
ÏÖÔÚOracleÒѾÐû²¼ÁËÏà¹ØÎó²îµÄ²¹¶¡ÜöÝÍ£¬£¬£¬ÊÜÓ°ÏìÓû§¿Éʵʱ¸üС£¡£¡£¡£¡£
²Î¿¼Á´½Ó£º
https://www.oracle.com/security-alerts/cpuapr2023.html
3.2 ÔÝʱ²½·¥
Èç·ÇÐëÒª£¬£¬£¬¿ÉÒÔÑ¡Ôñ½ûÓÃT3 ÐÒ飺
1£©½øÈëWebLogic¿ØÖÆÌ¨£¬£¬£¬ÔÚbase_domainµÄÉèÖÃÒ³ÃæÖУ¬£¬£¬½øÈë¡°Çå¾²¡±Ñ¡Ïî¿¨Ò³Ãæ£¬£¬£¬µã»÷¡°É¸Ñ¡Æ÷¡±£¬£¬£¬½øÈëÅþÁ¬É¸Ñ¡Æ÷ÉèÖᣡ£¡£¡£¡£
2)ÔÚÅþÁ¬É¸Ñ¡Æ÷ÖÐÊäÈ룺weblogic.security.net.ConnectionFilterImpl£¬£¬£¬ÔÚÅþÁ¬É¸Ñ¡Æ÷¹æÔòÖÐÊäÈ룺127.0.0.1 * * allow t3t3s£¬£¬£¬0.0.0.0/0 * *deny t3 t3s(t3ºÍt3sÐÒéµÄËùÓж˿ÚÖ»ÔÊÐíÍâµØ»á¼û)¡£¡£¡£¡£¡£
3£©ÉúÑĺóÐèÖØÐÂÆô¶¯£¬£¬£¬¹æÔò·½¿ÉÉúЧ¡£¡£¡£¡£¡£
3.3 ͨÓý¨Òé
l °´ÆÚ¸üÐÂϵͳ²¹¶¡£¡£¡£¡£¡£¬£¬£¬ïÔÌϵͳÎó²î£¬£¬£¬ÌáÉýЧÀÍÆ÷µÄÇå¾²ÐÔ¡£¡£¡£¡£¡£
l ÔöǿϵͳºÍÍøÂçµÄ»á¼û¿ØÖÆ£¬£¬£¬Ð޸ķÀ»ðǽսÂÔ£¬£¬£¬¹Ø±Õ·ÇÐëÒªµÄÓ¦Óö˿ڻòЧÀÍ£¬£¬£¬ïÔ̽«Î£ÏÕЧÀÍ£¨ÈçSSH¡¢RDPµÈ£©Ì»Â¶µ½¹«Íø£¬£¬£¬ïÔ̹¥»÷Ãæ¡£¡£¡£¡£¡£
l ʹÓÃÆóÒµ¼¶Çå¾²²úÆ·£¬£¬£¬ÌáÉýÆóÒµµÄÍøÂçÇå¾²ÐÔÄÜ¡£¡£¡£¡£¡£
l ÔöǿϵͳÓû§ºÍȨÏÞÖÎÀí£¬£¬£¬ÆôÓöàÒòËØÈÏÖ¤»úÖÆºÍ×îСȨÏÞÔÔò£¬£¬£¬Óû§ºÍÈí¼þȨÏÞÓ¦¼á³ÖÔÚ×îµÍÏÞ¶È¡£¡£¡£¡£¡£
l ÆôÓÃÇ¿ÃÜÂëÕ½ÂÔ²¢ÉèÖÃΪ°´ÆÚÐ޸ġ£¡£¡£¡£¡£
3.4 ²Î¿¼Á´½Ó
https://www.oracle.com/security-alerts/cpuapr2023.html
https://nvd.nist.gov/vuln/detail/CVE-2023-21931
ËÄ¡¢°æ±¾ÐÅÏ¢
°æ±¾ | ÈÕÆÚ | ±¸×¢ |
V1.0 | 2023-04-19 | Ê×´ÎÐû²¼ |
Îå¡¢¸½Â¼
5.1 ¼øºÚµ£±£Íø¼ò½é
¼øºÚµ£±£Íø½¨ÉèÓÚ1996Ä꣬£¬£¬ÊÇÓÉÁôÃÀ²©Ê¿ÑÏÍû¼ÑŮʿ½¨ÉèµÄ¡¢ÓµÓÐÍêÈ«×ÔÖ÷֪ʶ²úȨµÄÐÅÏ¢Çå¾²¸ß¿Æ¼¼ÆóÒµ¡£¡£¡£¡£¡£ÊǺ£ÄÚ×î¾ßʵÁ¦µÄÐÅÏ¢Çå¾²²úÆ·¡¢Ç徲ЧÀͽâ¾ö¼Æ»®µÄÁ캽ÆóÒµÖ®Ò»¡£¡£¡£¡£¡£
¹«Ë¾×ܲ¿Î»ÓÚ±±¾©ÊÐÖйشåÈí¼þÔ°¼øºÚµ£±£Íø´óÏ㬣¬£¬¹«Ë¾Ô±¹¤6000ÓàÈË£¬£¬£¬Ñз¢ÍŶÓ1200ÓàÈË, ÊÖÒÕЧÀÍÍŶÓ1300ÓàÈË¡£¡£¡£¡£¡£ÔÚÌìϸ÷Ê¡¡¢ÊС¢×ÔÖÎÇøÉèÁ¢·ÖÖ§»ú¹¹ÁùÊ®¶à¸ö£¬£¬£¬ÓµÓÐÁýÕÖÌìϵÄÏúÊÛϵͳ¡¢ÇþµÀϵͳºÍÊÖÒÕÖ§³Öϵͳ¡£¡£¡£¡£¡£¹«Ë¾ÓÚ2010Äê6ÔÂ23ÈÕÔÚÉîÛÚÖÐС°å¹ÒÅÆÉÏÊС£¡£¡£¡£¡££¨¹ÉƱ´úÂ룺002439£©
¶àÄêÀ´£¬£¬£¬¼øºÚµ£±£ÍøÖÂÁ¦ÓÚÌṩ¾ßÓйú¼Ê¾ºÕùÁ¦µÄ×ÔÖ÷Á¢ÒìµÄÇå¾²²úÆ·ºÍ×î¼Ñʵ¼ùЧÀÍ£¬£¬£¬×ÊÖú¿Í»§ÖÜÈ«ÌáÉýÆäIT»ù´¡ÉèÊ©µÄÇå¾²ÐÔºÍÉú²úЧÄÜ£¬£¬£¬Îª´òÔìºÍÌáÉý¹ú¼Ê»¯µÄÃñ×åÐÅÏ¢Çå¾²¹¤ÒµÁì¾üÆ·ÅÆ¶ø²»Ð¸Æð¾¢¡£¡£¡£¡£¡£
5.2 ¹ØÓÚ¼øºÚµ£±£Íø
¼øºÚµ£±£ÍøÇå¾²Ó¦¼±ÏìÓ¦ÖÐÐÄÒÑÐû²¼1000¶à¸öÎó²îͨ¸æºÍΣº¦Ô¤¾¯£¬£¬£¬ÎÒÃǽ«Ò»Á¬¸ú×ÙÈ«Çò×îеÄÍøÂçÇå¾²ÊÂÎñºÍÎó²î£¬£¬£¬ÎªÆóÒµµÄÐÅÏ¢Çå¾²±£¼Ý»¤º½¡£¡£¡£¡£¡£
¹Ø×¢ÎÒÃÇ£º