CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited
ID: 9c0b266b-1dd5-54b9-86c1-4ffe0621bf49
STIX ID: report--9c0b266b-1dd5-54b9-86c1-4ffe0621bf49
Feed Name: TechRepublic Security
Threat Score
**Executive summary:** CISA added CVE-2024-21182 — a WebLogic Server vulnerability affecting versions 12.2.1.4.0 and 14.1.1.0.0 that enables unauthenticated remote access via T3/IIOP — to its Known Exploited Vulnerabilities catalog after confirming active exploitation; although Oracle patched it in July 2024, Shodan lists ~1,592 still vulnerable, and federal agencies were given an urgent patch deadline.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
