Another Oracle WebLogic Server RCE under active exploitation

Oracle has released an out-of-band fix for CVE-2019-2729, a critical deserialization vulnerability in a number of versions of Oracle WebLogic Server, and is urging customers to apply the security update as soon as possible. Speed is of the essence as, according to KnownSec 404 researchers, the vulnerability is already being exploited in the wild.

Read full article on Help Net Security