Oracle sounds alarm over serious WebLogic flaw

Oracle has posted a security warning about a vulnerability in the Apache component of its WebLogic Server, even though it doesn't have a patch ready yet. It's taken the rare step of making an out-of-cycle security alert because information on the flaw and exploit code for it are already circulating online, it said in a statement on Monday.

Oracle has posted a security warning about a vulnerability in the Apache component of its WebLogic Server, even though it doesn't have a patch ready yet. It's taken the rare step of making an out-of-cycle security alert because information on the flaw and exploit code for it are already circulating online, it said in a statement on Monday.

Adding to the risk is that the flaw can be exploited over a network without authentication, which means an attacker doesn't need to know a valid username or password.

The software maker says it will release an unscheduled patch as soon as it has a fix, and is urging customers to use its recommended workaround until then.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All