Oracle WebLogic Server is a Java EE application server currently developed by Oracle Corporation. Oracle acquired WebLogic Server when it purchased BEA Systems in 2008. In the Oracle Critical Patch Update Advisory – October 2019, Oracle officially fixed a high-risk vulnerability (CVE-2019-2891) that affect to Oracle WebLogic Server Console component. An attacker could attack WebLogic Server by sending an HTTP request without authorization.
- WebLogic 10.3.6.0.0
- WebLogic 126.96.36.199.0
- WebLogic 188.8.131.52.0
Oracle releases the patch to fix this vulnerability. Users should upgrade WebLogic as soon as possible.
The post CVE-2019-2891: Oracle WebLogic Server Console High Risk Vulnerability Alert appeared first on InfoTech News.