Oracle WebLogic

Deploy Oracle WebLogic 12.2.1.3 in Docker. Requires an Oracle container registry account.

Prerequisites

Register at container-registry.oracle.com
Accept licence terms: Middleware → WebLogic
Login:

N/ABASH

docker login container-registry.oracle.com/v2
docker pull container-registry.oracle.com/middleware/weblogic:12.2.1.3

Domain Configuration

domain.propertiesBASH

username=weblogic
password=Passw0rd!

Run Container

N/ABASH

docker run -d -p 7001:7001 -p 9002:9002 --name 12213-weblogic \
  --hostname 12213-weblogic -v $PWD:/u01/oracle/properties \
  container-registry.oracle.com/middleware/weblogic:12.2.1.3

Admin console: https://127.0.0.1:9002/console/login/LoginForm.jsp

Deploying Vulnerabilities

The official Oracle images are patched against CVE-2017-3506, CVE-2017-10271, CVE-2019-2725, and CVE-2019-2729. To restore the vulnerable wls-wsat component:

Extract wls-wsat.war from Vulhub's WebLogic 10.3.6.0-2017 image
Deploy via WebLogic Console: Deployments → Install → Upload → Configure → Activate Changes

Access deployed service: http://127.0.0.1:7001/wls-wsat/CoordinatorPortType

Troubleshooting

Pull access denied — Verify Docker login and that licence terms have been accepted in the registry portal.

Out of Memory — Add --ulimit nofile=1024:65536 to the docker run command, or configure via systemd.

██╗ ██████╗ ███████╗██╗███████╗███╗ ██╗██████╗ ██║██╔═══██╗██╔════╝██║██╔════╝████╗ ██║██╔══██╗ ██║██║ ██║█████╗ ██║█████╗ ██╔██╗ ██║██║ ██║ ██║██║ ██║██╔══╝ ██║██╔══╝ ██║╚██╗██║██║ ██║ ██║╚██████╔╝██║ ██║███████╗██║ ╚████║██████╔╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝╚═════╝