Description

Oracle WebLogic Server (part of Oracle Fusion Middleware) is vulnerable to a remote code execution vulnerability.

The following versions of Oracle WebLogic Server are affected: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.

This easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.

Remediation

Upgrade to the latest version of Oracle WebLogic Server.

References

Related Vulnerabilities