Oracle WebLogic Server unauthenticated remote compromise flaw (CVE-2024-21182)
Vulnerability
Summary
CVE-2024-21182 in Oracle WebLogic Server is actively exploited and can let an unauthenticated attacker with network access compromise the server remotely. The flaw affects versions 12.2.1.4.0 and 14.1.1.0.0, and Shodan tracks 1,592 servers that are exposed online and vulnerable. Oracle released security patches in July 2024, but successful attacks can still expose critical data or grant complete access to WebLogic-accessible data.
Related Happenings
CISA orders federal patching of Oracle WebLogic CVE-2024-21182
Public Sector Action
First: 02.06.2026 15:40
Last: 02.06.2026 15:40
Sources 1
How related:
On Thursday, CISA added the vulnerability to its catalog of security flaws exploited in attacks and ordered federal agencies to patch their WebLogic servers by midnight on Thursday, June 4, as mandated by Binding Operational Directive (BOD) 22-01.
About this happening:
CISA ordered **federal agencies** to patch **Oracle WebLogic Server** against **CVE-2024-21182** by **June 4**, creating an immediate remediation deadline for affected government...
Oracle WebLogic Server CVE-2026-21962 rapid exploitation wave
Exploitation Wave
First: 26.03.2026 18:00
Last: 26.03.2026 18:00
Sources 1
About this happening:
**Oracle WebLogic Server** systems faced a rapid **CVE-2026-21962** exploitation wave after public exploit code appeared, creating immediate **RCE risk** for exposed servers. The...
Oracle Identity Manager and Oracle Web Services Manager unauthenticated RCE (CVE-2026-21992)
Vulnerability
First: 20.03.2026 20:48
Last: 20.03.2026 20:48
Sources 1
About this happening:
Oracle issued an **out-of-band update** to fix **CVE-2026-21992**, a **critical unauthenticated remote code execution** flaw in **Oracle Identity Manager** and **Oracle Web Servic...
Oracle E-Business Suite dual-endpoint exploit campaigns
Campaign
First: 21.10.2025 22:15
Last: 21.10.2025 22:15
Sources 1
About this happening:
Two **Oracle E-Business Suite** exploit campaigns hit separate endpoints in **July and August 2025**, expanding the risk to exposed enterprise instances. The activity matters beca...
CISA adds five KEV flaws and sets FCEB remediation deadline
Public Sector Action
First: 20.10.2025 22:00
Last: 20.10.2025 22:00
Sources 1
About this happening:
**CISA** added **CVE-2025-61884** in **Oracle E-Business Suite** to its **Known Exploited Vulnerabilities (KEV) Catalog** after confirming it is being **actively exploited**. The...
Timeline
- 02.06.2026 15:40 · 2 articles
CISA orders federal agencies to patch actively exploited Oracle WebLogic servers
Legal Policy Action Update
CISA added CVE-2024-21182 to its catalog of vulnerabilities exploited in attacks and ordered federal agencies to patch Oracle WebLogic Server systems by midnight on Thursday, June 4, under Binding Operational Directive (BOD) 22-01. Oracle had patched the high-severity WebLogic flaw in July 2024, describing it as an easily exploitable issue that lets an unauthenticated attacker with network access via T3 or IIOP compromise Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0. CISA urged private-sector defenders to patch affected systems as soon as possible, while Shodan tracked more than 1,592 exposed servers vulnerable to CVE-2024-21182.
- CISA flags two-year-old Oracle flaw as actively exploited in attacks — www.bleepingcomputer.com — 02.06.2026 15:40
- CISA flags two-year-old Oracle flaw as actively exploited in attacks — www.bleepingcomputer.com — 02.06.2026 15:40