After Applying 10.3.6 Oct/2017 Still The System Is Vulnerable

(Doc ID 2359672.1)

Last updated on FEBRUARY 11, 2018

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.


Upgraded 10.3.6 People Soft installation from 10.3.4  to 10.3.6 and then applied the <Patch 26519424> Patch Set Update, patch ID FMJJ.

Thought the server is still vulnerable to CVE-2017-10271. Because that even though the PSU oct/17 is shown in bsu report as applied the startup log entries did not show the message:

<Info> <Management> <BEA-141107> <Version: WebLogic Server PSU Patch for BUG26519424  TUE SEP 12 18:34:42 IST 2017

WebLogic Server Tue Nov 15 08:52:36 PST 2011 1441050 >




Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms