Security News > 2020 > May > Oracle: Unpatched Versions of WebLogic App Server Under Active Attack
Oracle is urging customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.
Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications.
"In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay."
Oracle WebLogic servers continue to be hard hit with exploits.
In June 2019, Oracle said that a critical remote code execution flaw in its WebLogic Server was being actively exploited in the wild.
News URL
https://threatpost.com/oracle-unpatched-versions-of-weblogic-app-server-under-active-attack/155420/
Related news
- New OpenSSH flaws expose SSH servers to MiTM and DoS attacks (source)
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks (source)
- Oracle Cloud says it's not true someone broke into its login servers and stole data (source)
- Oracle Health reportedly warns of info leak from legacy server (source)
- Oracle says "obsolete servers" hacked, denies cloud breach (source)