CISA flags two-year-old Oracle flaw as actively exploited in attacks

CISA has ordered federal agencies to urgently patch a high-severity Oracle WebLogic Server vulnerability (CVE-2024-21182) that permits unauthenticated remote compromise; Shodan shows roughly 1,592 exposed vulnerable instances online and CISA added the flaw to its catalog of actively exploited vulnerabilities, urging immediate remediation.