{"id":13526,"date":"2019-06-26T11:50:28","date_gmt":"2019-06-26T03:50:28","guid":{"rendered":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/?p=13526"},"modified":"2020-05-05T11:05:46","modified_gmt":"2020-05-05T03:05:46","slug":"%e3%80%90%e6%bc%8f%e6%b4%9e%e9%a0%90%e8%ad%a6%e3%80%91oracle-weblogic%e4%bc%ba%e6%9c%8d%e5%99%a8%e5%ad%98%e5%9c%a8%e5%ae%89%e5%85%a8%e6%bc%8f%e6%b4%9ecve-2019-2725%e8%88%87cve-2019-2729%ef%bc%8c","status":"publish","type":"post","link":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/archives\/13526","title":{"rendered":"\u3010\u6f0f\u6d1e\u9810\u8b66\u3011Oracle WebLogic\u4f3a\u670d\u5668\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e(CVE-2019-2725\u8207CVE-2019-2729)\uff0c\u5141\u8a31\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc"},"content":{"rendered":"<h3 align=\"center\">\u6559\u80b2\u6a5f\u69cbANA\u901a\u5831\u5e73\u53f0<\/h3>\n<table border=\"1\" cellspacing=\"0\">\n<tbody>\n<tr>\n<td>\u767c\u4f48\u7de8\u865f<\/td>\n<td>TACERT-ANA-2019062101061313<\/td>\n<td>\u767c\u4f48\u6642\u9593<\/td>\n<td>2019-06-21 13:20:14<\/td>\n<\/tr>\n<tr>\n<td>\u4e8b\u6545\u985e\u578b<\/td>\n<td>ANA-\u6f0f\u6d1e\u9810\u8b66<\/td>\n<td>\u767c\u73fe\u6642\u9593<\/td>\n<td>2019-06-20 00:00:00<\/td>\n<\/tr>\n<tr>\n<td>\u5f71\u97ff\u7b49\u7d1a<\/td>\n<td>\u9ad8<\/td>\n<td><\/td>\n<td><\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\">[\u4e3b\u65e8\u8aaa\u660e:]<\/p>\n<p>\u3010\u6f0f\u6d1e\u9810\u8b66\u3011Oracle WebLogic\u4f3a\u670d\u5668\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e(CVE-2019-<wbr><\/wbr>2725\u8207CVE-2019-2729)\uff0c<wbr><\/wbr>\u5141\u8a31\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u8acb\u5118\u901f\u78ba\u8a8d\u4e26\u9032\u884c\u66f4\u65b0<\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\">[\u5167\u5bb9\u8aaa\u660e:]<\/p>\n<p>\u8f49\u767c\u570b\u5bb6\u8cc7\u5b89\u8cc7\u8a0a\u5206\u4eab\u8207\u5206\u6790\u4e2d\u5fc3 \u8cc7\u5b89\u8a0a\u606f\u8b66\u8a0a NISAC-ANA-201906-0177<\/p>\n<p>Oracle WebLogic\u4f3a\u670d\u5668\u662f\u7531Oracle\u516c\u53f8\u958b\u767c\u7684Java EE\u61c9\u7528\u7a0b\u5f0f\u4f3a\u670d\u5668\u3002<\/p>\n<p>\u7814\u7a76\u4eba\u54e1\u767c\u73feOracle WebLogic\u4f3a\u670d\u5668\u5b58\u5728\u5169\u500b\u53cd\u5e8f\u5217\u5316\u5b89\u5168\u6f0f\u6d1e(CVE-<wbr><\/wbr>2019-2725\u8207CVE-2019-2729)\uff0c<wbr><\/wbr>\u5c0e\u81f4\u672a\u7d93\u6388\u6b0a\u7684\u9060\u7aef\u653b\u64ca\u8005\u53ef\u900f\u904e\u767c\u9001\u60e1\u610f\u8acb\u6c42\uff0c<wbr><\/wbr>\u5229\u7528\u6f0f\u6d1e\u9032\u800c\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002<\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\">[\u5f71\u97ff\u5e73\u53f0:]<\/p>\n<p>CVE-2019-2725\uff1a Oracle WebLogic\u4f3a\u670d\u566810.3.6.0.0\u820712.1.3.<wbr><\/wbr>0.0\u7248\u672c<\/p>\n<p>CVE-2019-2729\uff1a Oracle WebLogic\u4f3a\u670d\u566810.3.6.0.0\u300112.1.3.<wbr><\/wbr>0.0\u53ca12.2.1.3.0\u7248\u672c<\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\">[\u5efa\u8b70\u63aa\u65bd:]<\/p>\n<p>\u76ee\u524dOracle\u5b98\u65b9\u5df2\u91dd\u5c0d\u5f31\u9ede\u91cb\u51fa\u4fee\u5fa9\u7248\u672c\uff0c<wbr><\/wbr>\u8acb\u5404\u6a5f\u95dc\u806f\u7d61\u8a2d\u5099\u7dad\u8b77\u5ee0\u5546\u9032\u884c\u7248\u672c\u78ba\u8a8d\u8207\u66f4\u65b0\uff0c<wbr><\/wbr>\u5b98\u65b9\u516c\u544a\u9023\u7d50\u5982\u4e0b\uff1a<\/p>\n<ol>\n<li><a href=\"https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2725-5466295.html\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2725-5466295.html&amp;source=gmail&amp;ust=1561606938108000&amp;usg=AFQjCNGphnbHr4smO1RNuLGU8dg3ZDD5-g\">https:\/\/www.oracle.com\/<wbr><\/wbr>technetwork\/security-advisory\/<wbr><\/wbr>alert-cve-2019-2725-5466295.<wbr><\/wbr>html<\/a><\/li>\n<li><a href=\"https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2729-5570780.html\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2729-5570780.html&amp;source=gmail&amp;ust=1561606938108000&amp;usg=AFQjCNELV8yO6OzkBBsKmdBNBN_kvufDFA\">https:\/\/www.oracle.com\/<wbr><\/wbr>technetwork\/security-advisory\/<wbr><\/wbr>alert-cve-2019-2729-5570780.<wbr><\/wbr>html<\/a><\/li>\n<\/ol>\n<\/td>\n<\/tr>\n<tr>\n<td colspan=\"4\">[\u53c3\u8003\u8cc7\u6599:]<\/p>\n<ol>\n<li><a href=\"https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2725-5466295.html&amp;\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2725-5466295.html%26&amp;source=gmail&amp;ust=1561606938108000&amp;usg=AFQjCNE2Wpi5VaOgdsOuVz4LcThzBHcsgA\">https:\/\/www.oracle.com\/<wbr><\/wbr>technetwork\/security-advisory\/<wbr><\/wbr>alert-cve-2019-2725-5466295.<wbr><\/wbr>html&amp;<\/a><\/li>\n<li><a href=\"https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2729-5570780.html\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2729-5570780.html&amp;source=gmail&amp;ust=1561606938108000&amp;usg=AFQjCNELV8yO6OzkBBsKmdBNBN_kvufDFA\">https:\/\/www.oracle.com\/<wbr><\/wbr>technetwork\/security-advisory\/<wbr><\/wbr>alert-cve-2019-2729-5570780.<wbr><\/wbr>html<\/a><\/li>\n<li>https:\/\/blogs.oracle.com\/<wbr><\/wbr>security\/security-alert-cve-<wbr><\/wbr>2019-2729-released<\/li>\n<li><a href=\"https:\/\/threatpost.com\/oracle-warns-of-new-actively-exploited-weblogic-flaw\/145829\/\" target=\"_blank\" rel=\"noopener noreferrer\" data-saferedirecturl=\"https:\/\/www.google.com\/url?q=https:\/\/threatpost.com\/oracle-warns-of-new-actively-exploited-weblogic-flaw\/145829\/&amp;source=gmail&amp;ust=1561606938108000&amp;usg=AFQjCNHVGyLkHJRFR4bH7o7A-3C8QvGMqg\">https:\/\/threatpost.com\/oracle-<wbr><\/wbr>warns-of-new-actively-<wbr><\/wbr>exploited-weblogic-flaw\/<wbr><\/wbr>145829\/<\/a><\/li>\n<li>https:\/\/www.cisecurity.org\/<wbr><\/wbr>advisory\/a-vulnerability-in-&gt;oracle-weblogic-could-allow-for-remote-code-execution_2019-068\/<\/li>\n<li><a href=\"https:\/\/medium.com\/@knownsec404team\/knownsec-404-team-alert-again-cve-2019-2725-patch-bypassed-32a6a7b7ca15?postPublishedType=repub\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/medium.com\/@<wbr><\/wbr>knownsec404team\/knownsec-404-team-alert-again-cve-2019-2725-patch-bypassed-32a6a7b7ca15?&gt;postPublishedType=repub<\/a><\/li>\n<\/ol>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>\u6559\u80b2\u6a5f\u69cbANA\u901a\u5831\u5e73\u53f0 \u767c\u4f48\u7de8\u865f TACERT-ANA-2019062101061313 \u767c\u4f48\u6642\u9593 2019-06-21 13:20:14 \u4e8b\u6545\u985e\u578b ANA-\u6f0f\u6d1e\u9810\u8b66 \u767c\u73fe\u6642\u9593 2019-06-20 00:00:00 \u5f71\u97ff\u7b49\u7d1a \u9ad8 [\u4e3b\u65e8\u8aaa\u660e:]<\/p>\n<p>\u3010\u6f0f\u6d1e\u9810\u8b66\u3011Oracle WebLogic\u4f3a\u670d\u5668\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e(CVE-2019-2725\u8207CVE-2019-2729)\uff0c\u5141\u8a31\u653b\u64ca\u8005\u9060\u7aef\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\uff0c\u8acb\u5118\u901f\u78ba\u8a8d\u4e26\u9032\u884c\u66f4\u65b0 [\u5167\u5bb9\u8aaa\u660e:]<\/p>\n<p>\u8f49\u767c\u570b\u5bb6\u8cc7\u5b89\u8cc7\u8a0a\u5206\u4eab\u8207\u5206\u6790\u4e2d\u5fc3 \u8cc7\u5b89\u8a0a\u606f\u8b66\u8a0a NISAC-ANA-201906-0177<\/p>\n<p>Oracle WebLogic\u4f3a\u670d\u5668\u662f\u7531Oracle\u516c\u53f8\u958b\u767c\u7684Java EE\u61c9\u7528\u7a0b\u5f0f\u4f3a\u670d\u5668\u3002<\/p>\n<p>\u7814\u7a76\u4eba\u54e1\u767c\u73feOracle WebLogic\u4f3a\u670d\u5668\u5b58\u5728\u5169\u500b\u53cd\u5e8f\u5217\u5316\u5b89\u5168\u6f0f\u6d1e(CVE-2019-2725\u8207CVE-2019-2729)\uff0c\u5c0e\u81f4\u672a\u7d93\u6388\u6b0a\u7684\u9060\u7aef\u653b\u64ca\u8005\u53ef\u900f\u904e\u767c\u9001\u60e1\u610f\u8acb\u6c42\uff0c\u5229\u7528\u6f0f\u6d1e\u9032\u800c\u57f7\u884c\u4efb\u610f\u7a0b\u5f0f\u78bc\u3002 [\u5f71\u97ff\u5e73\u53f0:]<\/p>\n<p>CVE-2019-2725\uff1a Oracle WebLogic\u4f3a\u670d\u566810.3.6.0.0\u820712.1.3.0.0\u7248\u672c<\/p>\n<p>CVE-2019-2729\uff1a Oracle WebLogic\u4f3a\u670d\u566810.3.6.0.0\u300112.1.3.0.0\u53ca12.2.1.3.0\u7248\u672c [\u5efa\u8b70\u63aa\u65bd:]<\/p>\n<p>\u76ee\u524dOracle\u5b98\u65b9\u5df2\u91dd\u5c0d\u5f31\u9ede\u91cb\u51fa\u4fee\u5fa9\u7248\u672c\uff0c\u8acb\u5404\u6a5f\u95dc\u806f\u7d61\u8a2d\u5099\u7dad\u8b77\u5ee0\u5546\u9032\u884c\u7248\u672c\u78ba\u8a8d\u8207\u66f4\u65b0\uff0c\u5b98\u65b9\u516c\u544a\u9023\u7d50\u5982\u4e0b\uff1a<\/p>\n<p> https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2725-5466295.html https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2729-5570780.html [\u53c3\u8003\u8cc7\u6599:]<\/p>\n<p> https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2725-5466295.html&amp; https:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2019-2729-5570780.html https:\/\/blogs.oracle.com\/security\/security-alert-cve-2019-2729-released https:\/\/threatpost.com\/oracle-warns-of-new-actively-exploited-weblogic-flaw\/145829\/ https:\/\/www.cisecurity.org\/advisory\/a-vulnerability-in-&gt;oracle-weblogic-could-allow-for-remote-code-execution_2019-068\/ https:\/\/medium.com\/@knownsec404team\/knownsec-404-team-alert-again-cve-2019-2725-patch-bypassed-32a6a7b7ca15?&gt;postPublishedType=repub [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"_links":{"self":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/13526"}],"collection":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/comments?post=13526"}],"version-history":[{"count":0,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/13526\/revisions"}],"wp:attachment":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/media?parent=13526"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/categories?post=13526"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/tags?post=13526"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}