Rewterz Threat Advisory – CVE-2019-2725 – WebLogic Server Vulnerability

Thursday, May 2, 2019

Severity

High

Analysis Summary

A de-serialization vulnerability exists in Oracle WebLogic Server. This remote code execution vulnerability is remotely exploitable without authentication, i.e., it can be exploited over a network without the need for a username and password.

Impact

Remote code execution

Affected Products

Oracle WebLogic Server 10.3.6.0

Oracle WebLogic Server 12.1.3.0

Remediation

Vendor has released patch for the following product.

Fusion Middleware

Data Sheets

Corporate Brochure


Our Story


Services


Solutions


Managed Security


Upcoming Rewterz Trainings/Events

Rewterz News

  • 2, May 2019 Rewterz Threat Advisory – CVE-2019-2725 – WebLogic Server Vulnerability
  • 11, April 2019 Rewterz threat Advisory – Microsoft Internet Explorer Multiple Vulnerabilities
  • 11, April 2019 Rewterz Threat Advisory – Microsoft SharePoint Multiple Products Multiple Script Insertion Vulnerabilities
  • 11, April 2019 Rewterz Threat Advisory – Microsoft Exchange Server OWA Multiple Spoofing Vulnerabilities

Copyright © Rewterz. All rights reserved.