Security News > 2020 > October > Oracle WebLogic Vulnerability Targeted One Week After Patching

Oracle WebLogic Vulnerability Targeted One Week After Patching
2020-10-29 15:32

A vulnerability patched one week ago by Oracle in its WebLogic Server product has already been targeted for exploitation.

The vulnerability can be exploited remotely and without authentication, allowing an attacker to execute arbitrary code.

The SANS Technology Institute reported on Thursday that its honeypots have recorded attempts to exploit this WebLogic vulnerability.

Oracle WebLogic Server vulnerabilities are often targeted by threat actors, including profit-driven cybercriminals and state-sponsored groups.

Shortly after the April 2020 CPU was released, Oracle warned customers that a critical WebLogic vulnerability, one that was disclosed to the vendor by multiple researchers, including Jang, had been exploited in the wild.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/QaGF0WWCUHw/oracle-weblogic-vulnerability-targeted-one-week-after-patching

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Oracle 698 249 2225 1709 366 4549