Oracle WebLogic Remote Code Execution Vulnerability Exploited

Oracle web logic server is a Java EE application server that is part of Oracle’s Fusion Middleware portfolio and supports a variety of popular databases. These servers are often targeted by attackers.

The console component of the WebLogic Server has a flaw, CVE-2020-14882, and CVE-2020-14883, which ranks 9.8 out of 10 on the CVSS scale.CVE-2020-14882 may allow unauthenticated attackers with network access via HTTP to achieve total compromise and takeover of vulnerable Oracle WebLogic Servers. CVE-2020-14883  that allows a high privileged attacker with network access via HTTP to compromise the Oracle WebLogic Server. 

Oracle WebLogic Affected Versions

Users and System Administrators of affected products are advised to install the latest security updates immediately. 

More information is available here: