Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Remote code execution attacks - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Remote code execution attacks
The vulnerability scan for one my company's web application has highlighted a few critical (based on CVSS) WebLogic deserialization vulnerabilities. I'm a noob to cybersecurity and I'm trying to understand what is a typical threat vector that exploits this vulnerability? What is typically the number of RCE attacks a web application faces in a given time period - day, week, month, year? Additionally if you could point me to the right resource or direction for information for estimating number of attacks/events, I would be grateful.

Cheers!
Anonymous

Sign Up for Free or Log In to start participating in the conversation!