News

Oracle has released an urgent patch to eliminate critical vulnerabilities in WebLogic Server

The company said that an unknown group of cybercriminals in real attacks is already actively exploiting this security problem.

The vulnerability received an identifier CVE-2019-27296, and, according to the CVSS scale, it received 9.8 points out of 10.

“Due to the severity of this vulnerability, Oracle strongly recommends customers to apply updates as soon as possible”, — warn in Oracle.

The breach is described as a deserialization problem in Oracle WebLogic Server Web Services via XMLDecoder, allowing a remote unauthorized attacker to execute arbitrary code on the victim’s server. This results in complete control over the attacked server.

Read also: Attackers actively exploit previously discovered vulnerability in Oracle WebLogic

“The vulnerability of remote code execution can be exploited without having to go through the authentication process. Thus, an attacker can use a security problem without having username or password,” – said in the Oracle notification.

Company also noted connection of this vulnerability with a previously unmentioned problem of deserialization under the identifier CVE-2019-2725. She was also present at Oracle WebLogic Server, but was patched in April of this year.

Source: https://www.oracle.com

Polina Lisovskaya

I works as a marketing manager for years now and loves searching for interesting topics for you

Recent Posts

Remove Adblockelite.xyz Pop-up Ads

About Adblockelite.xyz Adblockelite.xyz pop-ups can not open out of nowhere. If you have clicked some…

16 mins ago

Remove Appcloud-center.com Pop-up Ads

About Appcloud-center.com Appcloud-center.com pop-ups can not open out of nowhere. If you have actually clicked…

17 mins ago

Remove Groopheetex.com Pop-up Ads

About Groopheetex.com Groopheetex.com pop-ups can not expose out of nowhere. If you have clicked on…

18 mins ago

Remove Vidstreambox.com Pop-up Ads

About Vidstreambox.com Vidstreambox.com pop-ups can not expose out of the blue. If you have actually…

19 mins ago

Remove Mac-uptodate.com Pop-up Ads

About Mac-uptodate.com Mac-uptodate.com pop-ups can not introduce out of the blue. If you have actually…

20 mins ago

Remove Taffetlervers.com Pop-up Ads

About Taffetlervers.com Taffetlervers.com pop-ups can not expose out of the blue. If you have clicked…

22 mins ago