Source: The Hacking News
New Critical Oracle WebLogic Flaw Under Active Attack — Patch Now
Oracle has released an out-of-band emergency software update to patch a newly discovered critical vulnerability in the WebLogic Server.
According to Oracle, the vulnerability—which can be identified as CVE-2019-2729 and has a CVSS score of 9.8 out of 10—is already being exploited in the wild by an unnamed group of attackers.
Oracle WebLogic is a Java-based multi-tier enterprise application