{"uuid": "c3c5942b-c566-4c54-b7d0-b735f255c525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2017-3506", "type": "exploited", "source": "https://t.me/KomunitiSiber/2049", "content": "Oracle WebLogic Server OS Command Injection Flaw Under Active Attack\nhttps://thehackernews.com/2024/06/oracle-weblogic-server-os-command.html\n\nThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.\nTracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized", "creation_timestamp": "2024-06-04T06:46:17.000000Z"}