Alert

Researchers warn of unpatched vulnerability in Oracle WebLogic Server


By CSO Senior Writer, CSO


Several security companies have detected scans over the past week that look for Oracle WebLogic servers affected by a flaw that has not yet been patched, possibly in preparation for attacks. The vulnerability is a deserialization bug that can lead to remote code execution, but it sits in a specific component called wls9_async_response that is not deployed by default in every WebLogic installation. Attackers are therefore likely running these probes first to identify servers with this component enabled, which they can then target later.

The first to report the unpatched (zero-day) vulnerability were researchers from a China-based company called KnownSec. However, their post on Medium remained largely unnoticed until researchers from other companies, such as F5 Networks and Waratek, also issued alerts.
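The scans described above leave a recognizable trace in web server access logs. The following Python script is an added example for this alert, not code from the article or from any of the companies named in it: it parses Common Log Format lines and reports which client addresses probed the async component, and whether the server answered with a success status (meaning the component is reachable). It assumes that the wls9_async_response component is served under the /_async/ context path on WebLogic (an assumption not stated on this page; adjust the prefix to match your deployment), and the log lines it runs over are constructed for the example.

```python
import re
from collections import defaultdict

# Assumption (not stated on this page): the wls9_async_response component is
# exposed under the /_async/ context path on WebLogic, so probes for it land
# there. Change this prefix if your deployment uses a different mapping.
ASYNC_PATH_PREFIX = "/_async/"

# Constructed sample access log lines in Common Log Format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [26/Apr/2019:10:01:12 +0000] "GET /_async/AsyncResponseService HTTP/1.1" 200 1531 "-" "python-requests/2.21.0"
203.0.113.7 - - [26/Apr/2019:10:01:13 +0000] "POST /_async/AsyncResponseService HTTP/1.1" 202 0 "-" "python-requests/2.21.0"
198.51.100.4 - - [26/Apr/2019:10:02:01 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 3872 "-" "Mozilla/5.0"
198.51.100.4 - - [26/Apr/2019:10:02:05 +0000] "GET /_async/AsyncResponseService HTTP/1.1" 404 0 "-" "curl/7.64.0"
192.0.2.9 - - [26/Apr/2019:10:03:44 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Client IP, timestamp, request line, status, size, referer, user agent.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)


def parse_line(line):
    """Return the log fields as a dict, or None if the line does not parse."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def find_async_probes(log_text, prefix=ASYNC_PATH_PREFIX):
    """Map each client IP to the (method, path, status) tuples it sent under prefix.

    The status is kept so a defender can tell a probe that found the component
    (2xx) from one that did not (e.g. 404). A 2xx answer to a POST is the case
    this alert is about: the endpoint is present and accepting request bodies.
    """
    hits = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["path"].startswith(prefix):
            hits[rec["ip"]].append((rec["method"], rec["path"], int(rec["status"])))
    return dict(hits)


def exposed_hosts_report(log_text, prefix=ASYNC_PATH_PREFIX):
    """Summarize, per scanning IP, how many probes it sent and whether any succeeded."""
    report = {}
    for ip, reqs in find_async_probes(log_text, prefix).items():
        reachable = any(200 <= status < 300 for _, _, status in reqs)
        report[ip] = {"requests": len(reqs), "component_reachable": reachable}
    return report


if __name__ == "__main__":
    for ip, summary in exposed_hosts_report(SAMPLE_LOG).items():
        flag = "REACHABLE" if summary["component_reachable"] else "not found"
        print(f"{ip}: {summary['requests']} probe(s), async component {flag}")
```

A server that answers the probe with a success status is the one to prioritize: it has the optional component deployed, which is exactly what the scanners are trying to learn. Feed the script your real access log in place of SAMPLE_LOG; lines that do not match the Common Log Format are skipped rather than raising.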

Read the full article here.

