Security News > 2020 > May > Oracle: Unpatched Versions of WebLogic App Server Under Active Attack
Oracle is urging customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.
Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications.
"In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay."
Oracle WebLogic servers continue to be hard hit with exploits.
In June 2019, Oracle said that a critical remote code execution flaw in its WebLogic Server was being actively exploited in the wild.
News URL
https://threatpost.com/oracle-unpatched-versions-of-weblogic-app-server-under-active-attack/155420/
Related news
- Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
- Over 3 million mail servers without encryption exposed to sniffing attacks (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Over 660,000 Rsync servers exposed to code execution attacks (source)