KEVIntel
Back to KEVs
7.5
CVSS
High

CVE-2017-10271

PUBLISHED

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are...

Exploited in the wild Used in malware Remote Low complexity No user interaction
Vendor
Oracle Corporation
Product
WebLogic Server
Published
Oct 19, 2017
EPSS

Description

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

cisa malware ransomware nuclei_scanner metasploit

CVSS scores

CVSS v3.1 7.5 High

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS v2.0 5.0

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitation status

Exploited in the wild

Recorded 2022-02-10 00:00:00 UTC · Source

Used in malware

Recorded 2022-02-10 00:00:00 UTC · Source

SSVC decision points

Exploitation
active
Automatable
Yes
Technical impact
partial

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CISA Feb 10, 2022

Scanner integrations

Scanner Reference Detected
Metasploit https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/oracle_weblogic_wsat_deserialization_rce.rb Apr 28, 2025
Nuclei https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-10271.yaml Apr 25, 2025

Potential proof of concepts

These PoCs are unverified and could contain malware. Use at your own risk.

oracle_weblogic_wsat_deserialization_rce

metasploit · Created Unknown

Metasploit module for CVE-2017-10271

Al1ex/CVE-2017-10271

github · Created 2020-11-18 02:31:18 UTC · 2 stars

CVE-2017-10271

testwc/CVE-2017-10271

github · Created 2020-04-06 02:01:20 UTC · 0 stars

CVE-2017-10271

ianxtianxt/-CVE-2017-10271-

github · Created 2019-11-05 13:33:56 UTC · 2 stars

(CVE-2017-10271)Java反序列化漏洞

XHSecurity/Oracle-WebLogic-CVE-2017-10271

github · Created 2019-03-15 01:50:01 UTC · 1 stars

原创作者:[email protected]

r4b3rt/CVE-2017-10271

github · Created 2018-12-20 03:17:51 UTC · 0 stars

Weblogic(CVE-2017-10271)

lonehand/Oracle-WebLogic-CVE-2017-10271-master

github · Created 2018-07-06 08:32:28 UTC · 1 stars

peterpeter228/Oracle-WebLogic-CVE-2017-10271

github · Created 2018-01-19 15:50:08 UTC · 0 stars

WebLogic wls-wsat RCE CVE-2017-10271

pssss/CVE-2017-10271

github · Created 2018-01-16 03:10:48 UTC · 5 stars

CVE-2017-10271 Weblogic 漏洞验证Poc及补丁

kkirsche/CVE-2017-10271

github · Created 2018-01-05 21:57:03 UTC · 126 stars

Oracle WebLogic WLS-WSAT Remote Code Execution Exploit (CVE-2017-10271)

Luffin/CVE-2017-10271

github · Created 2017-12-28 07:19:13 UTC · 29 stars

CVE-2017-10271 POC

c0mmand3rOpSec/CVE-2017-10271

github · Created 2017-12-28 01:30:50 UTC · 142 stars

WebLogic Exploit

s3xy/CVE-2017-10271

github · Created 2017-12-25 06:11:54 UTC · 22 stars

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.

1337g/CVE-2017-10271

github · Created 2017-12-23 13:04:23 UTC · 38 stars

CVE-2017-10271 WEBLOGIC RCE (TESTED)

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Exploit Used in Malware

  • Added to KEVIntel

  • Detected by Nuclei

  • Detected by Metasploit