Oracle web logic server is a Java EE application server that is part of Oracle’s Fusion Middleware portfolio and supports a variety of popular databases. These servers are often targeted by attackers.
The console component of the WebLogic Server has a flaw, CVE-2020-14882, and CVE-2020-14883, which ranks 9.8 out of 10 on the CVSS scale.CVE-2020-14882 may allow unauthenticated attackers with network access via HTTP to achieve total compromise and takeover of vulnerable Oracle WebLogic Servers. CVE-2020-14883 that allows a high privileged attacker with network access via HTTP to compromise the Oracle WebLogic Server.
Oracle WebLogic Affected Versions
• 10.3.6.0.0
• 12.1.3.0.0
• 12.2.1.3.0
• 12.2.1.4.0
• 14.1.1.0.0
Users and System Administrators of affected products are advised to install the latest security updates immediately.
More information is available here:
https://www.oracle.com/security-alerts/cpuoct2020traditional.html
4 Comments
Great information..
ReplyDeletevery helpful information..
ReplyDeleteUseful and interesting information..
ReplyDeletethis helps a lot. 👍
ReplyDelete