Sign In

Предупреждения


Oracle Releases Security Alert - 30.04.2019


Oracle has released a security alert to address a vulnerability in WebLogic Server, versions 10.3.6.0.0, 12.1.3.0.0. A remote attacker could exploit this vulnerability to take control of an affected system.CERT Bulgaria recommends users and administrators to review the Oracle Security Alert and the Multi-State Information Sharing & Analysis Center Advisory 2019-048 for more information and apply the necessary updates.

Some of the recommendations are:

  • As a temporary workaround, consider disabling the WLS9_ASYNC and WLS-WSAT components until a patch is available.
  • When available, apply appropriate updates provided by Oracle to affected systems immediately after appropriate testing.
  • Apply the Principle of Least Privilege to all systems and services.
  • Verify no unauthorized system modifications have occurred on system before applying patch.
  • Monitor intrusion detection systems for any signs of anomalous activity.
  • Unless required, limit external network access to affected products.

https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html

https://www.cisecurity.org/advisory/a-vulnerability-in-oracle-weblogic-could-allow-for-remote-code-execution_2019-048/

30/04/2019

NEW VIRUSES RSS
VULNERABILITIES RSS