Skip to main content

Oracle WebLogic Remote Code Execution Vulnerability

Last Update Date: 3 Nov 2020 09:32 Release Date: 3 Nov 2020 1902 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability has been identified in Oracle WebLogic server, a remote user can exploit this vulnerability to trigger Remote Code Execution on the targeted system.

Note: The attack code is publicly available.


Impact

  • Remote Code Execution

System / Technologies affected

  • Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

  • The vendor has issued a fix.

https://www.oracle.com/security-alerts/alert-cve-2020-14750.html


Vulnerability Identifier


Source


Related Link