Bleeping Computer

CISA flags two-year-old Oracle flaw as actively exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched ...
PC Magazine

BEA WebLogic Server

A Java EE application server from Oracle. Originally from BEA Systems, WebLogic Server applications are accessed by a Web browser or Java client. WebLogic Server is the core product of BEA WebLogic, ...
Threat Post

Oracle: Unpatched Versions of WebLogic App Server Under Active Attack

CVE-2020-2883 was patched in Oracle’s April 2020 Critical Patch Update – but proof of concept exploit code was published shortly after. Oracle is urging customers to fast-track a patch for a critical ...
Bleeping Computer

Oracle issues emergency patch for critical WebLogic Server flaw

Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions. The security ...
CSO Online

Two-year old Oracle WebLogic Server vulnerability is being exploited

Its inclusion in the US CISA catalog of known exploited vulnerabilities is a warning to admins that patching is needed now.