Oracle has released a Security Advisory to address a vulnerability in the WebLogic plug-in for Apache. Exploitation of this vulnerability may allow a remote, unauthenticated attacker to compromise the confidentiality or integrity of WebLogic Server applications or cause a denial-of-service condition. The advisory indicates that exploit code for this vulnerability is publicly available.

US-CERT encourages users to review the Oracle Security Advisory and implement the workarounds listed in the document to help mitigate the risks. At this time, a patch or update is not available.

US-CERT will provide additional information as it becomes available.

Read more: US-CERT Current Activity