Sign In


Oracle Releases Security Alert - 30.04.2019

Oracle has released a security alert to address a vulnerability in WebLogic Server, versions, A remote attacker could exploit this vulnerability to take control of an affected system.CERT Bulgaria recommends users and administrators to review the Oracle Security Alert and the Multi-State Information Sharing & Analysis Center Advisory 2019-048 for more information and apply the necessary updates.

Some of the recommendations are:

  • As a temporary workaround, consider disabling the WLS9_ASYNC and WLS-WSAT components until a patch is available.
  • When available, apply appropriate updates provided by Oracle to affected systems immediately after appropriate testing.
  • Apply the Principle of Least Privilege to all systems and services.
  • Verify no unauthorized system modifications have occurred on system before applying patch.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit external network access to affected products.