News

In Oracle assessed seriousness of emerged issue and launched unplanned patch for WebLogic server

By the end of last week, experts from Chinese KnownSec 404 company that stands behind IoT-searcher ZoomEye development, discovered dangerous issue in Oralce WebLogic.

Bug presented a threat for all Oracle WebLogic servers with running components WLS9_ASYNC and WLS-WSAT. First component is necessary for performing asynchronous operations while the second is protective solution.

Vulnerability is linked with deserialization and allows remote attacker to achieve execution of any commands without authorization (with the help of special HTTP-request).

Situations was complicated by the fact that intruders have already used this issue. As Oracle launched quarterly set of patches for its products relatively recently, specialists suggested that patch for 0-day vulnerability will arrive only in June 2019 as a part of next quarterly set of updates.

Fortunately, experts were wrong this time. Oracle made untypical gesture and presented urgent unplanned patch for this issues. Vulnerability got identifier CVE-2019-2725 and scored 9.8 points in 10-point CVSS vulnerability scale.

As issue is immensely serious, developers urge users to install updates as soon as possible.

“Due to the severity of this vulnerability, Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible”, – wrote Oracle developers

Source: https://www.oracle.com

Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove Adblockelite.xyz Pop-up Ads

About Adblockelite.xyz Adblockelite.xyz pop-ups can not open out of nowhere. If you have clicked some…

2 hours ago

Remove Appcloud-center.com Pop-up Ads

About Appcloud-center.com Appcloud-center.com pop-ups can not open out of nowhere. If you have actually clicked…

2 hours ago

Remove Groopheetex.com Pop-up Ads

About Groopheetex.com Groopheetex.com pop-ups can not expose out of nowhere. If you have clicked on…

2 hours ago

Remove Vidstreambox.com Pop-up Ads

About Vidstreambox.com Vidstreambox.com pop-ups can not expose out of the blue. If you have actually…

2 hours ago

Remove Mac-uptodate.com Pop-up Ads

About Mac-uptodate.com Mac-uptodate.com pop-ups can not introduce out of the blue. If you have actually…

2 hours ago

Remove Taffetlervers.com Pop-up Ads

About Taffetlervers.com Taffetlervers.com pop-ups can not expose out of the blue. If you have clicked…

2 hours ago