“Due to the severity of this vulnerability, Oracle strongly recommends customers to apply updates as soon as possible”, — warn in Oracle.
The breach is described as a deserialization problem in Oracle WebLogic Server Web Services via XMLDecoder, allowing a remote unauthorized attacker to execute arbitrary code on the victim’s server. This results in complete control over the attacked server.
Read also: Attackers actively exploit previously discovered vulnerability in Oracle WebLogic
“The vulnerability of remote code execution can be exploited without having to go through the authentication process. Thus, an attacker can use a security problem without having username or password,” – said in the Oracle notification.
Company also noted connection of this vulnerability with a previously unmentioned problem of deserialization under the identifier CVE-2019-2725. She was also present at Oracle WebLogic Server, but was patched in April of this year.
Source: https://www.oracle.com
About Securedjointmetwork.co.in Securedjointmetwork.co.in pop-ups can not launch out of the blue. If you have clicked…
About Lecuminum.com Lecuminum.com pop-ups can not expose out of nowhere. If you have actually clicked…
About Webtmci24.top Webtmci24.top pop-ups can not launch out of the blue. If you have actually…
About Techlottads.top Techlottads.top pop-ups can not introduce out of nowhere. If you have clicked some…
About Streamcompletelysophisticatedthe-file.top Streamcompletelysophisticatedthe-file.top pop-ups can not introduce out of nowhere. If you have clicked some…
About Womadds.club Womadds.club pop-ups can not expose out of the blue. If you have actually…