{"vulnerability": "cve-2019-2729", "sightings": [{"uuid": "f5fd64a9-201c-474a-a300-d81d23eea4ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "seen", "source": "https://t.me/antichat/5490", "content": "Oracle Security Alert Advisory - CVE-2019-2729\nhttps://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html", "creation_timestamp": "2019-06-19T21:34:42.000000Z"}, {"uuid": "240be768-9a6a-454b-b38f-8746bf277bbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2019-2729", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=400", "content": "", "creation_timestamp": "2019-06-19T04:00:00.000000Z"}, {"uuid": "36c6fcc5-5402-4451-b426-cb581554c5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "published-proof-of-concept", "source": "https://t.me/antichat/5593", "content": "Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic\nhttps://blog.trendmicro.com/trendlabs-security-intelligence/using-whitelisting-to-remediate-an-rce-vulnerability-cve-2019-2729-in-oracle-weblogic/", "creation_timestamp": "2019-06-25T12:22:06.000000Z"}, {"uuid": "16a2708e-9c73-48c1-8e3e-4d1dcdc86955", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "published-proof-of-concept", "source": "https://t.me/TheMalware_Team/1945", "content": "\u0623\u062f\u0627\u0629 vulmap\n\u0623\u062f\u0627\u0629 \u0635\u064a\u0646\u064a\u0629 \u0628\u0644\u063a\u0629 \u0627\u0644\u0628\u0627\u064a\u062b\u0648\u0646 \u0644\u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0648\u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646\u0647\u0627 \u0648\u0641\u062d\u0635 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0641\u064a \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0645\u0639 \u0648\u0638\u0627\u0626\u0641 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u062a\u0634\u0645\u0644 \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u0645\u062f\u0639\u0648\u0645\u0629 activemq \u0648 flink \u0648 shiro \u0648 solr \u0648 struts2 \u0648 tomcat \u0648 unomi \u0648 drupal \u0648 elasticsearch \u0648 fastjson \u0648 jenkins \u0648 nexus \u0648 weblogic \u0648 jboss \u0648 spring \u0648 thinkphp\n\n\u0644\u0644\u062a\u062d\u0645\u064a\u0644 \nhttps://github.com/zhzyker/vulmap\n\n# cd vulmap\n# pip install -r requirements.txt\n# chmod +x vulmap.py\n\n\u0644\u0644\u0645\u0633\u0627\u0639\u062f\u0629 \n# python3 vulmap.py -h\n\n\u0644\u0639\u0631\u0636 \u0642\u0627\u0626\u0645\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 cves\n# python3 vulmap.py --list\n\n\u0644\u0641\u062d\u0635 \u062c\u0645\u064a\u0639 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0644\u0639\u0646\u0648\u0627\u0646 url\n# python3 vulmap.py -u example.com \n\n\u0641\u062d\u0635 \u0642\u0627\u0626\u0645\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 url \u0645\u0646 \u0645\u0644\u0641 \u0646\u0635\u064a txt \n# python3 vulmap.py -f list.txt\n\n\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0645\u062d\u062f\u062f\u0629\n# python3 vulmap.py -u example.com -v CVE-2019-2729\n\u0623\u0648\n# python3 vulmap.py -u example.com -m exp -v CVE-2019-2729 \n\n\u0645\u062e\u0631\u062c\u0627\u062a \u0627\u0644\u0628\u062d\u062b \u0648\u062d\u0641\u0638 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0628\u0635\u064a\u063a\u0629 json \n# python3 vulmap.py -u example.com --output-json result.json \n\n\u062d\u0641\u0638 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0628\u0635\u064a\u063a\u0629 text\n# python3 vulmap.py -u example.com --output-text result.text", "creation_timestamp": "2021-09-21T21:24:28.000000Z"}, {"uuid": "d0fedf70-b141-483d-92a4-52fad53d0a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "exploited", "source": "https://t.me/ctinow/12801", "content": "New Critical Oracle WebLogic Flaw Under Active Attack \u2014 Patch Now Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server.\n\nAccording to Oracle, the vulnerability\u2014which can be identified as CVE-2019-2729 and has a CVSS score of 9.8 out of 10\u2014is already being exploited in the wild by an unnamed group of attackers.\n\nOracle WebLogic is a Java-based multi-tier enterprise application", "creation_timestamp": "2019-06-19T20:51:26.000000Z"}, {"uuid": "3c3ea81c-77f0-4393-9cb8-4217cdc0a095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "seen", "source": "https://t.me/Pen7esting/216", "content": "Oracle WebLogic Deserialization RCE Vulnerability 2017~2019\n\nCVE-2019-2729\nCVE-2019-2725\nCVE-2017-10271\nCVE-2017-3506https://t.co/AFSK2UUXyL", "creation_timestamp": "2019-06-20T12:20:36.000000Z"}, {"uuid": "c8b76ecc-71a0-476d-a7c7-95f39204cf27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "published-proof-of-concept", "source": "https://t.me/BlackHut_Egy/17", "content": "\u0623\u062f\u0627\u0629 vulmap\n\u0623\u062f\u0627\u0629 \u0635\u064a\u0646\u064a\u0629 \u0628\u0644\u063a\u0629 \u0627\u0644\u0628\u0627\u064a\u062b\u0648\u0646 \u0644\u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0648\u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646\u0647\u0627 \u0648\u0641\u062d\u0635 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0641\u064a \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0645\u0639 \u0648\u0638\u0627\u0626\u0641 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u062a\u0634\u0645\u0644 \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u0645\u062f\u0639\u0648\u0645\u0629 activemq \u0648 flink \u0648 shiro \u0648 solr \u0648 struts2 \u0648 tomcat \u0648 unomi \u0648 drupal \u0648 elasticsearch \u0648 fastjson \u0648 jenkins \u0648 nexus \u0648 weblogic \u0648 jboss \u0648 spring \u0648 thinkphp\n\n\u0644\u0644\u062a\u062d\u0645\u064a\u0644 \nhttps://github.com/zhzyker/vulmap\n\n# cd vulmap\n# pip install -r requirements.txt\n# chmod +x vulmap.py\n\n\u0644\u0644\u0645\u0633\u0627\u0639\u062f\u0629 \n# python3 vulmap.py -h\n\n\u0644\u0639\u0631\u0636 \u0642\u0627\u0626\u0645\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 cves\n# python3 vulmap.py --list\n\n\u0644\u0641\u062d\u0635 \u062c\u0645\u064a\u0639 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0644\u0639\u0646\u0648\u0627\u0646 url\n# python3 vulmap.py -u example.com \n\n\u0641\u062d\u0635 \u0642\u0627\u0626\u0645\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 url \u0645\u0646 \u0645\u0644\u0641 \u0646\u0635\u064a txt \n# python3 vulmap.py -f list.txt\n\n\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0645\u062d\u062f\u062f\u0629\n# python3 vulmap.py -u example.com -v CVE-2019-2729\n\u0623\u0648\n# python3 vulmap.py -u example.com -m exp -v CVE-2019-2729 \n\n\u0645\u062e\u0631\u062c\u0627\u062a \u0627\u0644\u0628\u062d\u062b \u0648\u062d\u0641\u0638 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0628\u0635\u064a\u063a\u0629 json \n# python3 vulmap.py -u example.com --output-json result.json \n\n\u062d\u0641\u0638 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0628\u0635\u064a\u063a\u0629 text\n# python3 vulmap.py -u example.com --output-text result.text\n\n#BLACKHUT_EGY", "creation_timestamp": "2021-10-13T12:56:49.000000Z"}, {"uuid": "520a7d32-06c8-44f4-b2b5-28e5c90a5a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "exploited", "source": "https://t.me/thehackernews/344", "content": "Oracle releases EMERGENCY updates to patch a newly discovered critical RCE vulnerability (CVE-2019-2729) in the Oracle WebLogic Server that is actively being exploited in the wild by attackers\n\nhttps://thehackernews.com/2019/06/oracle-weblogic-vulnerability.html", "creation_timestamp": "2019-06-19T20:48:21.000000Z"}, {"uuid": "9d93d7b2-67a5-4631-a510-6441db81d926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "published-proof-of-concept", "source": "https://t.me/TheMalware_Team/31548", "content": "\u0623\u062f\u0627\u0629 vulmap\n\u0623\u062f\u0627\u0629 \u0635\u064a\u0646\u064a\u0629 \u0628\u0644\u063a\u0629 \u0627\u0644\u0628\u0627\u064a\u062b\u0648\u0646 \u0644\u0641\u062d\u0635 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0645\u0648\u0627\u0642\u0639 \u0627\u0644\u0648\u064a\u0628 \u0648\u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646\u0647\u0627 \u0648\u0641\u062d\u0635 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0641\u064a \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0645\u0639 \u0648\u0638\u0627\u0626\u0641 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0648\u062a\u0634\u0645\u0644 \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u0648\u064a\u0628 \u0627\u0644\u0645\u062f\u0639\u0648\u0645\u0629 activemq \u0648 flink \u0648 shiro \u0648 solr \u0648 struts2 \u0648 tomcat \u0648 unomi \u0648 drupal \u0648 elasticsearch \u0648 fastjson \u0648 jenkins \u0648 nexus \u0648 weblogic \u0648 jboss \u0648 spring \u0648 thinkphp\n\n\u0644\u0644\u062a\u062d\u0645\u064a\u0644 \nhttps://github.com/zhzyker/vulmap\n\n# cd vulmap\n# pip install -r requirements.txt\n# chmod +x vulmap.py\n\n\u0644\u0644\u0645\u0633\u0627\u0639\u062f\u0629 \n# python3 vulmap.py -h\n\n\u0644\u0639\u0631\u0636 \u0642\u0627\u0626\u0645\u0629 \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 cves\n# python3 vulmap.py --list\n\n\u0644\u0641\u062d\u0635 \u062c\u0645\u064a\u0639 \u0646\u0642\u0627\u0637 \u0627\u0644\u0636\u0639\u0641 \u0644\u0639\u0646\u0648\u0627\u0646 url\n# python3 vulmap.py -u example.com \n\n\u0641\u062d\u0635 \u0642\u0627\u0626\u0645\u0629 \u0639\u0646\u0627\u0648\u064a\u0646 url \u0645\u0646 \u0645\u0644\u0641 \u0646\u0635\u064a txt \n# python3 vulmap.py -f list.txt\n\n\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0645\u062d\u062f\u062f\u0629\n# python3 vulmap.py -u example.com -v CVE-2019-2729\n\u0623\u0648\n# python3 vulmap.py -u example.com -m exp -v CVE-2019-2729 \n\n\u0645\u062e\u0631\u062c\u0627\u062a \u0627\u0644\u0628\u062d\u062b \u0648\u062d\u0641\u0638 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0628\u0635\u064a\u063a\u0629 json \n# python3 vulmap.py -u example.com --output-json result.json \n\n\u062d\u0641\u0638 \u0627\u0644\u0646\u062a\u0627\u0626\u062c \u0628\u0635\u064a\u063a\u0629 text\n# python3 vulmap.py -u example.com --output-text result.text", "creation_timestamp": "2021-09-21T21:24:50.000000Z"}, {"uuid": "b279d35b-cdc2-48c6-a838-be0239f10b82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "seen", "source": "https://t.me/information_security_channel/28615", "content": "Oracle released an emergency security update for another critical remote code execution vulnerability that can be exploited by the remote attacker to gain control over the system. The vulnerability can be tracked as CVE-2019-2729 and has a CVSS Base Score of 9.8. It affects WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The security update addresses the [\u2026]\nThe post Oracle Patched Another Zero-Day Vulnerability that Can be Exploited Without Authentication (https://gbhackers.com/oracle-patched-weblogic-server/) appeared first on GBHackers On Security (https://gbhackers.com/).", "creation_timestamp": "2019-06-20T03:59:29.000000Z"}, {"uuid": "32e12672-4b50-4715-b73c-5b3a497ce327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "exploited", "source": "https://t.me/SecLabNews/5177", "content": "\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Oracle \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 WebLogic Server, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0432 \u0430\u0442\u0430\u043a\u0430\u0445. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2019-2729 \u0438 \u043f\u043e\u0432\u0442\u043e\u0440\u044f\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2019-2725, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0443\u044e \u0440\u0430\u043d\u0435\u0435 \u0434\u043b\u044f \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0432\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u041f\u041e Sodinokibi \u0438 \u043c\u0430\u0439\u043d\u0435\u0440\u043e\u0432 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442.    \n\u0412 Oracle WebLogic Server \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438", "creation_timestamp": "2019-06-20T08:17:02.000000Z"}, {"uuid": "6e430298-7c27-4248-bb34-c90ad1a8c70c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "seen", "source": "https://t.me/canyoupwnme/5659", "content": "Oracle Security Alert Advisory - CVE-2019-2729\nhttps://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html", "creation_timestamp": "2019-06-19T20:49:48.000000Z"}, {"uuid": "3ee07926-4add-4d19-ae59-e2d0960b0cab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-2729", "type": "seen", "source": "https://t.me/canyoupwnme/5672", "content": "Using Whitelisting to Remediate an RCE Vulnerability (CVE-2019-2729) in Oracle WebLogic\nhttps://blog.trendmicro.com/trendlabs-security-intelligence/using-whitelisting-to-remediate-an-rce-vulnerability-cve-2019-2729-in-oracle-weblogic/", "creation_timestamp": "2019-06-25T14:13:56.000000Z"}]}