Oracle patches critical vulnerability in WebLogic Server Web Services

Posted on 2019-06-19 by guenni

Oracle has just released a critical patch for a vulnerability in WebLogic Server Web Services. CVE-2019-2729 fixes a deserialization vulnerability via the XML decoder in Oracle WebLogic Server Web Services. This remote code execution vulnerability can be exploited remotely without authentication, i.e. it can be exploited over a network without requiring a username and password. Link 1, Link 2 (via Tweet of @PhantomofMobile).

Advertising
This entry was posted in Security, Software, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).