Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2015-4852

Oracle | WebLogic ServerAdded 2021-11-03Remediation Deadline 2022-05-03

Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability

Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-502

References