Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized
![Oracle WebLogic Server OS Command Injection Flaw Under Active Attack](https://technetspot.com/uploads/images/202406/image_750x_666476c2bf7c2.jpg)
What's Your Reaction?
![like](https://technetspot.com/assets/img/reactions/like.png)
![dislike](https://technetspot.com/assets/img/reactions/dislike.png)
![love](https://technetspot.com/assets/img/reactions/love.png)
![funny](https://technetspot.com/assets/img/reactions/funny.png)
![angry](https://technetspot.com/assets/img/reactions/angry.png)
![sad](https://technetspot.com/assets/img/reactions/sad.png)
![wow](https://technetspot.com/assets/img/reactions/wow.png)