Security News > 2020 > October > Oracle WebLogic Server RCE Flaw Under Active Attack

Oracle WebLogic Server RCE Flaw Under Active Attack
2020-10-29 14:49

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn.

If an organization hasn't updated their Oracle WebLogic servers to protect them against a recently disclosed RCE flaw, researchers have a dire warning: "Assume it has been compromised."

Oracle WebLogic Server is a popular application server used in building and deploying enterprise Java EE applications.

In May 2020, Oracle urged customers to fast-track a patch for a critical flaw in its WebLogic Server under active attack.

In June 2019, Oracle said that a critical remote code execution flaw in its WebLogic Server was being actively exploited in the wild.


News URL

https://threatpost.com/oracle-weblogic-server-rce-flaw-attack/160723/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-10-21 CVE-2020-14882 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console).
0.0

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Oracle 698 249 2225 1709 366 4549