all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Oracle WebLogic Server Vulnerability (CVE-2023-21839) added to CISA Known Exploited Vulnerabilities (KEV) Catalog

Add to bookmarks
May 18, 2023, 4:32 a.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

What is Oracle WebLogic?


Oracle WebLogic is an enterprise
application server developed by Oracle. According to 6sense.com, the
application server is used by thousands of companies namely AT&T, NTT
Data, Verizon, etc.





What is the attack?

The attack targets
vulnerable Oracle WebLogic Server specifically in Oracle Fusion Middleware. The vulnerability is tracked under CVE-2023-21839 and exploits the flaw that allows unauthorized access to the
vulnerable servers via T3 and IIOP (Oracle proprietary protocol). The affected
versions are: 12.2.1.3.0, 12.2.1.4.0 and …

amp application attack catalog cisa companies cve cve-2023-21839 data enterprise etc exploited fusion kev known exploited vulnerabilities ntt oracle oracle weblogic server server verizon vulnerabilities vulnerability vulnerable weblogic what is

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 3 days, 15 hours ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 2 weeks, 1 day ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 3 weeks, 1 day ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 3 weeks, 2 days ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 3 weeks, 3 days ago | fortiguard.fortinet.com
attack cyber entities espionage +15
JetBrains TeamCity Authentication Bypass Vulnerabilities (CVE-2024-27198, CVE-2024-27199) 1 month ago | fortiguard.fortinet.com
attacker authentication authentication bypass bypass +15
ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709) 1 month, 3 weeks ago | fortiguard.fortinet.com
access advisory application attackers +28
Microsoft Exchange Server Elevation of Privilege Vulnerability (CVE-2024-21410) 2 months ago | fortiguard.fortinet.com
attacks can critical cve +27
Ivanti Connect Secure and Policy Secure Gateways Zero-day Vulnerabilities (CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893) 2 months, 1 week ago | fortiguard.fortinet.com
advisory application authentication authentication bypass +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Information Systems Security Officer (ISSO), Junior

@ Dark Wolf Solutions | Remote / Dark Wolf Locations
View on infosec-jobs.com

Cloud Security Engineer

@ ManTech | REMT - Remote Worker Location
View on infosec-jobs.com

SAP Security & GRC Consultant

@ NTT DATA | HYDERABAD, TG, IN
View on infosec-jobs.com

Security Engineer 2 - Adversary Simulation Operations

@ Datadog | New York City, USA
View on infosec-jobs.com
View more jobs