Oracle WebLogic Affected by Unauthenticated Remote Code...

Oracle WebLogic Affected by Unauthenticated Remote Code Execution Vulnerability (CVE-2019-2725)

On April 17, China National Vulnerability Database (CNVD) published a security bulletin about an unauthenticated remote command execution (RCE) vulnerability in Oracle WebLogic (CNVD-C-2019-48814). This vulnerability could allow a remote attacker to execute arbitrary code on vulnerable WebLogic servers.

For more information, please visit our Tenable blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Oracle WebLogic Affected by Unauthenticated Remote Code...

Recent Discussions

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Americas

Europe

Asia / Australia