Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: Remote code execution attacks SANS ISC InfoSec Forums

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Remote code execution attacks
The vulnerability scan for one my company's web application has highlighted a few critical (based on CVSS) WebLogic deserialization vulnerabilities. I'm a noob to cybersecurity and I'm trying to understand what is a typical threat vector that exploits this vulnerability? What is typically the number of RCE attacks a web application faces in a given time period - day, week, month, year? Additionally if you could point me to the right resource or direction for information for estimating number of attacks/events, I would be grateful.

Cheers!
Anonymous

Sign Up for Free or Log In to start participating in the conversation!