![]() Affected users are advised to fix the vulnerability as soon as possible. Currently, the proof of concept (PoC) has been made publicly available. Authenticated attackers could remotely execute commands or code via JNDI injection attacks. Users are advised to take measures without delay to protect against the preceding vulnerabilities.Ī WebLogic Server remote code execution vulnerability (CVE-2021-2109) exists in the console of the WebLogic Server, with a CVSS Base Score of 7.2. These vulnerabilities are assigned a CVSS Base Score of 9.8 and are easy to exploit. Unauthenticated attackers could exploit these vulnerabilities to execute code remotely. On January 20, 2021, NSFOCUS detected that Oracle released the January 2021 Critical Patch Update (CPU), which fixed 329 vulnerabilities of varying risk levels.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |