Published on: 23 April 2019
Last update on: 29 April 2019
Security researchers discovered a remote code execution vulnerability in the wls9_async and wls-wsat components, which are included in Oracle WebLogic Server. A remote attacker may send specially crafted HTTP requests to exploit the vulnerability.
Reports indicate that proof-of-concept code is publicly available. Users are advised to take immediate action to patch their affected systems and mitigate the elevated risk of cyber attacks. For systems hosted on outsourced platforms, system owners should confirm with their web hosting service providers that the relevant patch has been applied.
A successful attack could lead to remote code execution on an affected system.
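As a defender-side illustration added here (not part of the original advisory, and not code from Oracle or HKCERT), the script below scans web server access logs for requests aimed at the two affected components so that exposed hosts can be prioritised for patching and suspicious sources reviewed. The URI prefixes `/_async/` and `/wls-wsat/` are assumed to be the paths those components serve and should be adjusted to the actual deployment; the log lines are constructed samples in combined-log format.

```python
import re
from collections import Counter

# Constructed sample access-log lines (combined-log style); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [26/Apr/2019:10:01:12 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [26/Apr/2019:10:02:44 +0000] "POST /_async/AsyncResponseService HTTP/1.1" 202 0 "-" "python-requests/2.21.0"
198.51.100.23 - - [26/Apr/2019:10:02:45 +0000] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 500 813 "-" "python-requests/2.21.0"
10.0.0.7 - - [26/Apr/2019:10:03:10 +0000] "GET /wls-wsat/CoordinatorPortType?WSDL HTTP/1.1" 200 2201 "-" "curl/7.64.0"
10.0.0.5 - - [26/Apr/2019:10:04:00 +0000] "GET /myapp/index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# Assumed URI prefixes served by the wls9_async and wls-wsat components.
# Adjust to match the context roots actually deployed on your servers.
WATCHED_PREFIXES = ("/_async/", "/wls-wsat/")

# Combined-log format: ip ident user [timestamp] "METHOD path proto" status bytes "referer" "user-agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)


def parse_line(line):
    """Return a dict of the log fields, or None if the line is not in the expected format."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def is_watched(path):
    """True when the request path targets one of the affected component prefixes."""
    return path.startswith(WATCHED_PREFIXES)


def find_hits(log_text):
    """Return every parsed request whose path falls under a watched prefix."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and is_watched(rec["path"]):
            hits.append(rec)
    return hits


def summarize_posts(hits):
    """Count POST requests per source IP.

    Crafted content for these components travels in the request body, so POSTs
    from unexpected sources are the first thing to review; GETs (such as WSDL
    fetches) still show the endpoint is reachable and therefore needs the patch.
    """
    return dict(Counter(h["ip"] for h in hits if h["method"] == "POST"))


if __name__ == "__main__":
    hits = find_hits(SAMPLE_LOG)
    for h in hits:
        print(f'{h["ts"]} {h["ip"]} {h["method"]} {h["path"]} -> {h["status"]} ({h["ua"]})')
    print("POSTs per source:", summarize_posts(hits))
```

Any hit at all means the component is reachable from the network that produced the log and the host should be patched as the vendor advises; a concentration of POSTs from a single external source, as in the constructed sample, is what warrants incident review.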
Oracle has released patches for the affected product to address the vulnerability. They can be found at the following URL:
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html
Users of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk.
https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html
https://www.hkcert.org/my_url/en/alert/19042603
https://www.us-cert.gov/ncas/current-activity/2019/04/26/Oracle-Releases-Security-Alert
http://www.cnvd.org.cn/webinfo/show/4999
https://medium.com/@knownseczoomeye/knownsec-404-team-oracle-weblogic-deserialization-rce-vulnerability-0day-alert-90dd9a79ae93