https://www.bleepingcomputer.com/news/security/attacks-on-oracle-weblogic-servers-detected-after-publication-of-poc-code/ > Oracle WebLogic servers are under attack from hackers who are trying to take over vulnerable installations that have not received a recent patch for a critical vulnerability. > The security bug at the heart of these hacking attempts is CVE-2018-2893, a vulnerability in a component of the Oracle WebLogic middleware that allows an attacker to gain control over the entire server without having to know its password.