CVE-2015-4852

Oracle WebLogic Server Deserialization of Untrusted Data Vulnerability

Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution. Vendor/Product: Oracle WebLogic Server. Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2015-4852