Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Remote code execution attacks SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Remote code execution attacks
The vulnerability scan for one my company's web application has highlighted a few critical (based on CVSS) WebLogic deserialization vulnerabilities. I'm a noob to cybersecurity and I'm trying to understand what is a typical threat vector that exploits this vulnerability? What is typically the number of RCE attacks a web application faces in a given time period - day, week, month, year? Additionally if you could point me to the right resource or direction for information for estimating number of attacks/events, I would be grateful.


Sign Up for Free or Log In to start participating in the conversation!