Oracle WebLogic Server | SecPod Community

Jun20 0

image credit: blogs.oracle.com Oracle has released an out-of-band security update to address a critical vulnerability in Oracle WebLogic Server. A deserialization flaw allows remote code execution and is tracked with CVE-2019-2729. This vulnerability is rated critical and is found to be exploited in-the-wild. The vulnerability exists due to a deserialization flaw in XMLDecoder in Oracle […]

Apr27 0

Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. A configured instance to host applications and resources. Oracle in October 2017 published a critical arbitrary code execution vulnerability concerning Oracle WebLogic and assigned cve CVE-2017-10271. The critical Java deserialization vulnerability in WebLogic’s ‘WLS Security’ subcomponent was the result of […]

Tag: Oracle WebLogic Server

ALERT: Another Deserialization RCE Vulnerability in Oracle WebLogic Server (CVE-2019-2729) Exploited in the Wild

Oracle WebLogic WLS-WSAT Component Deserialisation RCE