Corporate Security Blog

Security Alert CVE-2019-2729 Released

John Heimann
Vice President, Security Program Management

Oracle has just released Security Alert CVE-2019-2729.  This vulnerability affects a number of versions of Oracle WebLogic Server and has a CVSS Base Score of 9.8.  WebLogic Server customers should refer to the Security Alert Advisory for information on affected versions and how to obtain the required patches. 

Please note that while the issue addressed by this alert is a deserialization vulnerability, like that addressed in Security Alert CVE-2019-2725, it is a distinct vulnerability.

Due to the severity of this vulnerability, Oracle recommends that this Security Alert be applied as soon as possible.

For more information:

The Security Alert advisory is located at https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2729-5570780.html

Security Alert CVE-2019-2725 is located at  https://www.oracle.com/technetwork/security-advisory/alert-cve-2019-2725-5466295.html