Oracle WebLogic Server OS Command Injection Flaw Under Active Attack

2 months ago [email protected] (The Hacker News)
Oracle WebLogic Server OS Command Injection Flaw Under Active Attack


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized

The post “Oracle WebLogic Server OS Command Injection Flaw Under Active Attack” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , , ,

More Stories

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

3 hours ago [email protected] (The Hacker News)

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

3 hours ago [email protected] (The Hacker News)

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

20 hours ago [email protected] (The Hacker News)

Offensive AI: The Sine Qua Non of Cybersecurity

22 hours ago [email protected] (The Hacker News)

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

1 day ago [email protected] (The Hacker News)

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

1 day ago [email protected] (The Hacker News)