Since many PeopleSoft customers utilize weblogic for their PeopleSoft environment, we wanted to highlight yesterday’s security alert. Oracle released an out of band security update (more information) for issues within Oracle Weblogic Server. Recommendations are to apply the patch and mitigation steps as soon as possible. While out of band security updates are rare, they are not unheard of. PeopleSoft customers need to review the update as soon as possible.
The CVSS (Common Vulnerability Scoring System) score of this update is 7.5 (more information). For reference, vulnerabilities are ranked from 0-10 based upon numerous factors like ease of execution for example. CVSS score ranges are Low (0 – 3.9), Medium (4.0 – 6.9) and High (7.0 – 10.0). The high base score of this update most likely led to the out of band patch being released.
As always if you ever have security questions, remember our assessment opportunity.
Stay safe and keep secure!