CVE-2019-2568 vulnerability in Oracle WebLogic Server

36, 000 publicly accessible Oracle WebLogic Servers are at risk Cyber Security vulnerability is increasing day by day. This time, the vulnerability has reported in Oracle WebLogic Server. KnownSec 404 has identified a vulnerability CVE-2019-2568 that allows the attacker to compromise the Oracle WebLogic Server with low privileges and network access via HTTP. Here is the official description “Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server.” For your information, Oracle WebLogic Server is a oracle application server which is a platform for deploying and developing multitier distributor enterprise applications. Oracle acquired this server in 2008 when it purchased BEA Systems. There has been reported vulnerability CVE-2019-2568 that allows the access to the server via HTTP. It Read more