If your instance is using Weblogic Server version 12.2.1.4, then it is mandatory to apply the Latest Patch Set Update (PSU) and Critical Patch Update (CPU) patches. 

Oracle provides quarterly cumulative patches to address security vulnerabilities. The patches may include critical fixes in addition to the security fixes

Important information to be aware of:

• Downtime will be required when applying a patch on a domain. Please plan accordingly.
• The Latest PSU is available with version 12.2.1.4.
• Before applying the WLS PSU with the opatch utility, make sure that the Admin and Managed Servers are stopped.
• If you have multiple nodes for the instance, make sure you apply the patch in all the VM Nodes.

For more details refer to the official documentation here https://www.oracle.com/security-alerts/
 

Make sure to restrict the access on the administration consoles

For more details, review Doc ID 2667937.1 & Doc ID 2835754.2