Security News > 2020 > May > Oracle: Unpatched Versions of WebLogic App Server Under Active Attack
Oracle is urging customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.
Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications.
"In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay."
Oracle WebLogic servers continue to be hard hit with exploits.
In June 2019, Oracle said that a critical remote code execution flaw in its WebLogic Server was being actively exploited in the wild.
News URL
https://threatpost.com/oracle-unpatched-versions-of-weblogic-app-server-under-active-attack/155420/
Related news
- 'Hadooken' Linux malware targets Oracle WebLogic servers (source)
- New Linux malware Hadooken targets Oracle WebLogic servers (source)
- New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)