Hjem » Nyheter » Oracle har lansert et presserende oppdatering for å eliminere kritiske sårbarheter i WebLogic Server

Oracle har lansert et presserende oppdatering for å eliminere kritiske sårbarheter i WebLogic Server

The company said that an unknown group of cybercriminals in real attacks is already actively exploiting this security problem.

The vulnerability received an identifier CVE-2019-27296, og, according to the CVSS scale, it received 9.8 points out of 10.

“Due to the severity of this vulnerability, Oracle strongly recommends customers to apply updates as soon as possible”, — warn in Oracle.

The breach is described as a deserialization problem in Oracle WebLogic Server Web Services via XMLDecoder, allowing a remote unauthorized attacker to execute arbitrary code on the victim’s server. This results in complete control over the attacked server.

Les også: Angripere aktivt utnytte tidligere oppdaget sårbarhet i Oracle WebLogic

“The vulnerability of remote code execution can be exploited without having to go through the authentication process. Og dermed, an attacker can use a security problem without having username or password,” – said in the Oracle notification.

Company also noted connection of this vulnerability with a previously unmentioned problem of deserialization under the identifier CVE-2019-2725. She was also present at Oracle WebLogic Server, men was patched in April of this year.

Kilde: https://www.oracle.com

[Totalt:1    Gjennomsnitt:5/5]
LESE  In Oracle WebLogic is found vulnerability: specialist confirm that attacks through are ongoing

Om Trojan Killer

Carry Trojan Killer Portable på minnepinne. Vær sikker på at du er i stand til å hjelpe din PC motstå eventuelle cyber trusler uansett hvor du går.

Sjekk også

APT34 bruke Linkedin for å levere en bakdør

Iranske hackere APT34 bruke Linkedin til å levere en bakdør

Huller gruppe APT34, som er forbundet med den iranske regjeringen, fortsetter sin spionasje kampanjer, …

Extenbro Trojan

Extenbro Trojan erstatter DNS og blokkerer tilgang til antivirus nettsteder

Malwarebytes Labs specialists discovered Extenbro Trojan, which not only replaces DNS for displaying advertisements, men …

Legg igjen et svar