If you haven't patched WebLogic server console flaws in the last eight days 'assume it has been compromised'


Last week Oracle released one of its mammoth quarterly patch dumps - with 402 fixes. Well, it turns out that if you missed one and you're running WebLogic 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 or 14.1.1.0.0, you've probably already been tagged by hackers.


On Thursday Johannes Ullrich, Dean of Research at the SANS Technology Institute, spotted a massive spike in traffic on research "honeypot" systems as somebody tried to identify public-facing WebLogic servers that weren't patched against CVE-2020-14882. The flaw, with a CVSS score of 9.8, is an "easily exploitable vulnerability" in the application's console that can be targeted over HTTP without user interaction to execute code remotely.
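The kind of spike Ullrich describes is visible in ordinary access logs, so here is a small defender-side check for it. This is an added example, not code from the article, SANS or Oracle. It assumes a reverse proxy in front of WebLogic writing the common "combined" log format, that the admin console lives under `/console`, that legitimate administrators only come from an assumed internal range `10.0.0.0/8`, and the per-minute thresholds are arbitrary starting points to tune against your own baseline. The log lines are constructed, with documentation-range IPs.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Combined log format as written by Apache httpd / NGINX style proxies.
# Assumption: the WebLogic admin console is served under /console.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"[^"]*" "(?P<ua>[^"]*)"$'
)
CONSOLE_PREFIX = "/console"
# Assumption: only this range should ever reach the admin console.
ADMIN_NETS = [ip_network("10.0.0.0/8")]

# Constructed sample: two normal admin requests, one unrelated request, then a
# burst of console probes from several external addresses within one minute.
SAMPLE_LOG = """\
10.0.0.12 - - [29/Oct/2020:14:00:03 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
10.0.0.12 - - [29/Oct/2020:14:00:40 +0000] "POST /console/j_security_check HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.5 - - [29/Oct/2020:14:01:10 +0000] "GET /app/index.html HTTP/1.1" 200 812 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Oct/2020:14:05:01 +0000] "GET /console/ HTTP/1.1" 302 0 "-" "python-requests/2.24"
198.51.100.8 - - [29/Oct/2020:14:05:02 +0000] "GET /console/ HTTP/1.1" 302 0 "-" "python-requests/2.24"
198.51.100.9 - - [29/Oct/2020:14:05:02 +0000] "GET /console/ HTTP/1.1" 302 0 "-" "curl/7.68.0"
203.0.113.77 - - [29/Oct/2020:14:05:03 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 1532 "-" "Mozilla/5.0"
198.51.100.7 - - [29/Oct/2020:14:05:04 +0000] "GET /console/ HTTP/1.1" 302 0 "-" "python-requests/2.24"
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    # Bucket key "29/Oct/2020:14:05" from "29/Oct/2020:14:05:01 +0000".
    rec["minute"] = rec["ts"].split(" ")[0].rsplit(":", 1)[0]
    return rec


def console_activity(log_text):
    """Per-minute request count and distinct source set for console paths."""
    per_minute = defaultdict(lambda: {"requests": 0, "sources": set()})
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(CONSOLE_PREFIX):
            continue
        bucket = per_minute[rec["minute"]]
        bucket["requests"] += 1
        bucket["sources"].add(rec["src"])
    return per_minute


def flag_scan_spikes(per_minute, max_requests=5, max_sources=3):
    """Minutes whose console traffic exceeds the (assumed) quiet baseline.

    Returns (minute, request_count, distinct_source_count) tuples in time order.
    """
    flagged = []
    for minute in sorted(per_minute):
        b = per_minute[minute]
        if b["requests"] >= max_requests or len(b["sources"]) >= max_sources:
            flagged.append((minute, b["requests"], len(b["sources"])))
    return flagged


def external_console_sources(log_text):
    """Addresses outside ADMIN_NETS that reached the console at all.

    A non-empty set means the console is publicly reachable, which is the
    exposure the scanning spike is looking for regardless of whether any
    single request succeeded.
    """
    external = set()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not rec["path"].startswith(CONSOLE_PREFIX):
            continue
        addr = ip_address(rec["src"])
        if not any(addr in net for net in ADMIN_NETS):
            external.add(rec["src"])
    return external


if __name__ == "__main__":
    activity = console_activity(SAMPLE_LOG)
    for minute, reqs, srcs in flag_scan_spikes(activity):
        print(f"spike at {minute}: {reqs} console requests from {srcs} sources")
    print("external console clients:", sorted(external_console_sources(SAMPLE_LOG)))
```

On the sample data the 14:05 minute trips both thresholds and four external addresses show up as console clients. Either finding on an unpatched host is a reason to treat it as compromised rather than as merely scanned, which is the article's advice; a console reachable only from the admin range should produce an empty external set.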

