Is CVE-2019-2890 known to be exploited?

83 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Oracle Corporation Weblogic Server

CVE-2019-2890

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privile…

EPSS: 0.903 (99.6th percentile) — read the EPSS interpretation.

Affected products

Oracle Corporation Weblogic Server — versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0

Public proof-of-concept exploits

l1nk3rlin/CVE-2019-2890
jas502n/CVE-2019-2890
zhzhdoai/Weblogic_Vuln
ZO1RO/CVE-2019-2890
ianxtianxt/CVE-2019-2890
Ky0-HVA/CVE-2019-2890
freeide/weblogic_cve-2019-2890
AnonVulc/Pentest-Tools
CVEDB/PoC-List
CVEDB/awesome-cve-repo

References

www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-2890?: CVE-2019-2890 is a vulnerability in Oracle Corporation Weblogic Server. Published 2019-10-16.
Is CVE-2019-2890 known to be exploited?: 83 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.