Threat Post

Oracle: Unpatched Versions of WebLogic App Server Under Active Attack

CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Oracle is urging customers to fast-track a patch for a critical ...
ZDNet

Oracle patches another actively-exploited WebLogic zero-day

Oracle released an out-of-band security update to fix a vulnerability in WebLogic servers that was being actively exploited in the real world to hijack users' systems. Attacks using this vulnerability ...
ZDNet

Oracle publishes rare out-of-band security update for WebLogic servers

Oracle has published on Sunday a rare out-of-band security update to address an incomplete patch for a recently disclosed vulnerability in Oracle WebLogic servers that is currently being actively ...
Dark Reading

Researchers Analyze Oracle WebLogic Flaw Under Attack

Oracle recently urged customers to deploy its April 2020 Critical Patch Update to address CVE-2020-2883, a vulnerability affecting multiple versions of the Oracle WebLogic Server. Both the company and ...
SDxCentral

Oracle updates WebLogic Kubernetes Toolkit with cross-architecture support

Oracle has released a revamped toolkit to make it easier to deploy WebLogic domains to Kubernetes clusters. Version 2.0 of ...
Threat Post

Oracle WebLogic Server RCE Flaw Under Active Attack

The flaw in the console component of the WebLogic Server, CVE-2020-14882, is under active attack, researchers warn. If an organization hasn’t updated their Oracle WebLogic servers to protect them ...