AnsweredAssumed Answered

Recent Weblogic vulnerability CVE-2019-2725

Question asked by Eduardo Cuthbert on May 10, 2019
Latest reply on Jun 24, 2019 by John Yogore

Hello community

Is the webtier which contains a weblogic vulnerable to CVE-2019-2725-Active-Exploit ? As far as I could see, the vulnerable versions are:

 

Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0

See document by vendor:  Oracle Security Alert CVE-2019-2725 

 

If we are running that versions, are we affected or is RSA providing other mechanism to protect this attack?

 

Do we need to patch?

 

Best regards,

Edu

Outcomes