Critical severity9.8CISA KEVNVD Advisory· Published Nov 18, 2015· Updated Apr 21, 2026

CVE-2015-4852

Description

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.

Affected products

Oracle Corporation/Storagetek Tape Analytics Sw Tool
cpe:2.3:a:oracle:storagetek_tape_analytics_sw_tool:2.3:*:*:*:*:*:*:*
Oracle Corporation/Virtual Desktop Infrastructure
cpe:2.3:a:oracle:virtual_desktop_infrastructure:*:*:*:*:*:*:*:*
Range: <=3.5.2
Oracle Corporation/Weblogic Server4 versions
cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_server:12.1.2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:weblogic_server:12.2.1.0.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.htmlnvdPatch
www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlnvdPatchVendor Advisory
www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlnvdPatchVendor Advisory
www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlnvdPatchVendor Advisory
www.oracle.com/technetwork/topics/security/cpujan2016-2367955.htmlnvdPatchVendor Advisory
foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/nvdExploit
packetstormsecurity.com/files/152268/Oracle-Weblogic-Server-Deserialization-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/42806/nvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/46628/nvdExploitThird Party AdvisoryVDB Entry
www.openwall.com/lists/oss-security/2015/11/17/19nvdMailing ListThird Party Advisory
www.oracle.com/technetwork/topics/security/alert-cve-2015-4852-2763333.htmlnvdVendor Advisory
www.securityfocus.com/bid/77539nvdBroken Link
www.securitytracker.com/id/1038292nvdBroken Link
blogs.oracle.com/security/entry/security_alert_cve_2015_4852nvdBroken Link
github.com/foxglovesec/JavaUnserializeExploits/blob/master/weblogic.pynvdProduct
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.074
exploit	0.030
kev	0.120
patch	0.000
ransomware	0.000