Critical Patch Update Notice for All Oracle Products in April 2022
April 21, 2022
Overview On April 20, 2022, NSFOCUS’s CERT monitoring found that Oracle officially released the April Critical Patch Update announcement CPU (Critical Patch Update). A total of 520 vulnerabilities of varying degrees were fixed. This security update involves Oracle WebLogic Server. , Oracle MySQL, Oracle Java SE, Oracle FusionMiddleware, Oracle Retail Applications and many other common […]
WebLogic Remote Code Execution Vulnerability(CVE-2018-3191)Threat Alert
October 23, 2018
Overview
On October 17, Beijing time, Oracle officially released a Critical Patch Update (CPU), which contains a fix for the critical WebLogic remote code execution vulnerability (CVE-2018-3191). This vulnerability allows unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation of it can result in takeover of Oracle WebLogic Server, hence remote code execution.
WebLogic Remote Code Execution Vulnerability(CVE-2018-3245) Threat Alert
October 22, 2018
Overview
On October 16, local time (early morning on October 17, Beijing time), Oracle officially released the October (third quarter) Critical Patch Update (CPU), which fixes a July (second quarter) CPU patch. The WebLogic remote code execution vulnerability (CVE-2018-2893) has not been fully fixed. The newly fixed vulnerability is assigned CVE-2018-3245. (more…)
