CISA Warns of Active Exploitation of Oracle WebLogic Vulnerability CVE-2024-21182

CISA Warns of Active Exploitation of Oracle WebLogic Vulnerability CVE-2024-21182

First seen 2 Jun 2026, 10:54 UTC GbhackersHeise.Denvd.nist.govBleepingcomputerCybersecuritynews+13 88% similarity 72.9

Article Content

Browse articles
ThreatCluster

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding the active exploitation of a two-year-old vulnerability in Oracle WebLogic Server, tracked as CVE-2024-21182. This flaw, which affects versions 12.2.1.4.0 and 14.1.1.0.0, allows unauthenticated attackers to remotely compromise servers using T3 and IIOP protocols. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog and mandated federal agencies to patch their systems by June 4, 2026. Currently, over 1,592 Oracle WebLogic servers are identified as exposed and vulnerable. Successful exploitation can lead to unauthorized access to critical data or complete control over the server. CISA has previously flagged numerous Oracle vulnerabilities, highlighting the ongoing risk posed by such flaws. Organizations are urged to apply patches immediately to mitigate potential attacks.

Key Points: • CISA has ordered federal agencies to patch Oracle WebLogic Server by June 4, 2026. • The vulnerability CVE-2024-21182 allows unauthenticated remote access to critical data. • Over 1,592 Oracle WebLogic servers are currently exposed and vulnerable to exploitation.

ThreatCluster AI

Timeline

2024-07-16
CVE-2024-21182 published
Oracle released patches for the WebLogic Server vulnerability affecting specific versions.
BleepingComputer
2024-12-30
First public PoC for CVE-2024-21182
A proof of concept for exploiting the WebLogic vulnerability became publicly available.
BleepingComputer
2025-10-12
CVE-2025-61884 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-03-20
CVE-2026-21992 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-06-01
CISA adds CVE-2024-21182 to KEV catalog
CISA confirmed active exploitation of the Oracle WebLogic vulnerability and added it to its Known Exploited Vulnerabilities catalog.
Cybersecuritynews
2026-06-02
CISA issues urgent patch directive
CISA mandated federal agencies to patch their Oracle WebLogic systems by June 4, 2026, due to active exploitation.
BleepingComputer

Community

Browse all →