Oracle patches critical vulnerability in WebLogic Server Web Services

Oracle has just released a critical patch for a vulnerability in WebLogic Server Web Services. CVE-2019-2729 fixes a deserialization vulnerability via the XML decoder in Oracle WebLogic Server Web Services. This remote code execution vulnerability can be exploited remotely without authentication, i.e. it can be exploited over a network without requiring a username and password. Link 1, Link 2 (via Tweet of @PhantomofMobile).


This entry was posted in Security, Software, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.