Patch and check your DMZ firewalls! Oracle WebLogic Affected by Unauthenticated Remote Code...

Patch and check your DMZ firewalls! Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)


Tenable wrote a good article. Sadly they also missed that weblogic server has no business reaching out to just any server on the one internet hence a good mitigation strategy is also block outgoing traffic from any weblogic server to internet. That could be faster mitigating solution than negotiate with business owners an out of cycle patch window. Of course the patch should be applied anyway later.




1 view

Foresight Cyber

71-75 Shelton Street 

Covent Garden

London

WC2H 9JQ

United Kingdom

+44 208 159 8942

info@foresightcyber.com

Legal

VAT: GB144735213 

Company number: 06871193 

D-U-N-S number: 211601017

UK ICO number: 00011202777

Privacy Policy

Social

  • LinkedIn
  • Twitter
  • YouTube
  • Vimeo

Copyright © 2009 -2020 Foresight Cyber Ltd. All rights reserved. Foresight Cyber are registered trademarks. Foresight Cyber Ltd is a company registered in England and Wales. Registered No: 06871193. Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom