CVE-2017-3506

⚠ KEVEPSS 94.4%

Oracle WebLogic Server OS Command Injection Vulnerability

Added to CISA KEV: 6/3/2024

Description

Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP request that includes a malicious XML document.

Affected packages (0)

No package mapping in OSV.