CVE-2017-10271

Vulnerability Profile Updated 15 days ago
CVE-2017-10271 is a critical vulnerability in Oracle's WebLogic WLS Security Component. The flaw allows Remote Code Execution (RCE), which malicious actors can exploit to gain unauthorized access to and control over affected systems. Exploitation depends on the system architecture, with "h32" or "h64" being used to invoke "java". The vulnerability was first observed being exploited alongside other vulnerabilities, such as those in Apache Struts and the Adobe ColdFusion platform (CVE-2017-3066). The same actor is believed to have exploited these vulnerabilities, demonstrating a pattern of exploiting critical Java deserialization vulnerabilities across different platforms, which highlights the severity and widespread potential impact of CVE-2017-10271. Check Point IPS provides protection against this threat, as well as against another Oracle WebLogic Server vulnerability, Improper Access Control (CVE-2023-21839). Organizations are strongly advised to apply these protections and keep their systems updated to prevent potential exploits.
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Remote Code ...
Vulnerability
Coldfusion
Apache
Apache Struts
Associated Malware
ID | Type | Votes | Profile Description
Lucifer | Unspecified | 1 | Lucifer is a powerful and relatively new malware variant that combines cryptojacking and DDoS (Distributed Denial of Service) attack capabilities. This malicious software targets Windows platforms, exploiting older vulnerabilities to spread and perform harmful activities. Lucifer is particularly not
Associated Threat Actors
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2017-3066 | Unspecified | 1 | CVE-2017-3066 is a critical vulnerability that affects Adobe Flash Player. Discovered in February 2017, the vulnerability allows an attacker to remotely execute arbitrary code on a victim's computer by exploiting a use-after-free bug in the software. This means that an attacker can take control of a
CVE-2023-21839 | Unspecified | 1 | None
CVE-2018-20062 | Unspecified | 1 | CVE-2018-20062 is a significant vulnerability that affects the ThinkPHP framework. This flaw in software design or implementation allows for Remote Code Execution (RCE), meaning an attacker can execute arbitrary code on the targeted server remotely. The vulnerability is exploited by sending a specif
Source Document References
Information about the CVE-2017-10271 vulnerability was read from the documents listed below.
Source | Created At | Title
Checkpoint | 15 days ago | 3rd June – Threat Intelligence Report - Check Point Research
MITRE | a year ago | Rocke: The Champion of Monero Miners
MITRE | a year ago | Lucifer: New Cryptojacking and DDoS Hybrid Malware Exploiting High and Critical Vulnerabilities to Infect Windows Devices
MITRE | a year ago | SpeakUp: A New Undetected Backdoor Linux Trojan - Check Point Research