Skip to main content

Oracle patches severe flaw in WebLogic Server that could be exploited 'without the need for a username and password'

posted onNovember 3, 2020
by l33tdawg
Wikipedia
Credit: Wikipedia

Oracle has released an emergency patch after a security vulnerability was revealed in its WebLogic middleware last week.

The security alert addresses CVE-2020-14750, a remote code execution vulnerability in Oracle WebLogic Server.

"This vulnerability is related to CVE-2020-14882, which was addressed in the October 2020 Critical Patch Update. It is remotely exploitable without authentication, i.e. may be exploited over a network without the need for a username and password," Oracle said in a security alert. "Due to the severity of this vulnerability and the publication of exploit code on various sites, Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible."

Source

Tags

Security

You May Also Like

Recent News

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th