2 matches found
Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...
CVE-2019-2441
CVE-2019-2441 affects Oracle WebLogic Server 12.2.1.3 (Application Container - JavaEE). The vulnerability allows unauthenticated, network-based attackers to access WebLogic via HTTP and read a subset of data; CVSS v3.0 base score 5.3 (confidentiality impact: low). Connected sources confirm the af...