CVE-2020-14882

Description from NVD

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Information Acquisition Date:2021-04-27T10:52Z

CVSS 2.0: 10.0 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector (AV)	Network	Adjacent	Local	Physical
Attack Complexity (AC)	LOW	High
Privileges Required (PR)	None	Low	High
User Interaction (UI)	None	Required
Scope (S)	Unchange	Change
Confidentiality (C)	None	Low	High
Integrity (I)	None	Low	High
Availability (A)	None	Low	High

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:C/I:C/A:C

Attack Vector (AV)	Network	Adjacent	Local
Access Complexity (AC)	Low	Medium	High
Authentication (Au)	None	Single	Multiple
Confidentiality (C)	None	Partial	Complete
Integrity (I)	None	Partial	Complete
Availability (A)	None	Partial	Complete

NVD References

https://www.oracle.com/security-alerts/cpuoct2020.html
source:MISC
tags:Vendor Advisory

http://packetstormsecurity.com/files/159769/Oracle-WebLogic-Server-Remote-Code-Execution.html
source:MISC
tags:Exploit Third Party Advisory VDB Entry

http://packetstormsecurity.com/files/160143/Oracle-WebLogic-Server-Administration-Console-Handle-Remote-Code-Execution.html
source:MISC
tags:Exploit Third Party Advisory VDB Entry

http://packetstormsecurity.com/files/161128/Oracle-WebLogic-Server-12.2.1.0-Remote-Code-Execution.html
source:MISC
tags:Exploit Third Party Advisory VDB Entry

This vulnerability may involve a PoC.

Description from Forti

Oracle WebLogic Fusion Middleware Authentication Bypass

This indicates an attack attempt to exploit an Authentication Bypass Vulnerability in Oracle WebLogic Server. The vulnerability is due to an error in the vulnerable application when handling a maliciously crafted request. This vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.

Information Acquisition Date:2021/02/25

Affected Products

Oracle WebLogic Server 10.3.6.0.0
Oracle WebLogic Server 12.1.3.0.0
Oracle WebLogic Server 12.2.1.3.0
Oracle WebLogic Server 12.2.1.4.0
Oracle WebLogic Server 14.1.1.0.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.oracle.com/security-alerts/cpuoct2020.html

References

Refer to Information on External Sites

CVE Infomation	Exploits or more Infomation
mitre	EXPLOIT DATABASE
NVD	0day.today
vulmon.com	github
CVE Details	Twitter
JVN ENG JPN
Reconshell

Software Tag:

List of frequently cited URLs

URL	Num of Times Referred to
http://vulmon.com/vulnerabilitydetails?qid=CVE	1377
https://cvetrends.com	51
http://twinybots.ch	26
https://lists.astaro.com/ASGV9-IPS-rules.html	20
https://www.oracle.com/security-alerts/cpuoct2020.html	18
https://www.lac.co.jp/lacwatch/alert/20201030_002319.html	12
https://gbhackers.com/weblogic-servers-flaw/	9
https://alerts.vulmon.com/l/mT	9
https://www.bleepingcomputer.com/news/security/critical-ora...	7
http://izumino.jp/Security/sec_trend.cgi?ref=tw&ref_date=20...	5
https://www.helpnetsecurity.com/2020/10/29/cve-2020-14882/	5
https://bit.ly/3RKMvmm	4
https://ift.tt/35KWyBc	4
https://github.com/s1kr10s/CVE-2020-14882	4
http://www.npa.go.jp/cyberpolice/important/2020/202012241.html	4
https://www.zdnet.com/article/oracle-publishes-rare-out-of-...	4
https://threatpost.com/oracle-weblogic-server-rce-flaw-atta...	4
https://scan.netsecurity.ne.jp/article/2020/12/28/45002.html	4
https://research.trendmicro.com/3jcDbsx	4
https://twitter.com/search?src=sprv&q=CVE-2020-14882	3
https://isc.sans.edu/forums/diary/PATCH+NOW+CVE202014882+We...	3
https://www.onyphe.io/blog/1100-oracle-weblogic-servers-vul...	3
http://Securitylab.ru	3
https://blog.rapid7.com/2020/10/29/oracle-weblogic-unauthen...	3
https://www.imperva.com/blog/bug-hunting-for-a-quick-buck-u...	3
https://www.ncsc.gov.uk/report/weekly-threat-report-6th-nov...	3
https://thedfirreport.com/2020/11/12/cryptominers-exploitin...	3
https://securityaffairs.co/wordpress/110137/hacking/weblogi...	3
https://testbnull.medium.com/weblogic-rce-by-only-one-get-r...	3
https://www.vulnmachines.com	3
https://ipssignatures.appspot.com/?cve=CVE-2020-14882	3
http://com.tangosol.coherence.mvel2.sh	3

Information from Twitter

User	URL	Info Source	Date
Prohacktiv3	https://github.com/Chocapikk/CVE-2022-39952	Source Prohacktiv3 1630109088515342336	2023/02/27
Prohacktiv3	https://twitter.com/Prohacktiv3/status/1630109088515342336/...	Source Prohacktiv3 1630109088515342336	2023/02/27

List of frequently cited URLs

URL	Num of Times Referred to
vulmon.com	1377
cvetrends.com	51
twinybots.ch	26
lists.astaro.com	20
www.oracle.com	18
www.lac.co.jp	12
gbhackers.com	9
alerts.vulmon.com	9
www.bleepingcomputer.com	7
izumino.jp	5
www.helpnetsecurity.com	5
bit.ly	4
ift.tt	4
github.com	4
www.npa.go.jp	4
www.zdnet.com	4
threatpost.com	4
scan.netsecurity.ne.jp	4
research.trendmicro.com	4
twitter.com	3
isc.sans.edu	3
www.onyphe.io	3
Securitylab.ru	3
blog.rapid7.com	3
www.imperva.com	3
www.ncsc.gov.uk	3
thedfirreport.com	3
securityaffairs.co	3
testbnull.medium.com	3
www.vulnmachines.com	3
ipssignatures.appspot.com	3
com.tangosol.coherence.mvel2.sh	3

Information from Twitter

User	URL	Info Source
Prohacktiv3	github.com	Show Tweet
Prohacktiv3	twitter.com	Show Tweet

GitHub Search Results: Up to 10

Name	URL
jas502n/CVE-2020-14882	https://github.com/jas502n/CVE-2020-14882
zhzyker/exphub	https://github.com/zhzyker/exphub
0xn0ne/weblogicScanner	https://github.com/0xn0ne/weblogicScanner
GGyao/CVE-2020-14882_ALL	https://github.com/GGyao/CVE-2020-14882_ALL
s1kr10s/CVE-2020-14882	https://github.com/s1kr10s/CVE-2020-14882
RedTeamWing/CVE-2020-14882	https://github.com/RedTeamWing/CVE-2020-14882
pprietosanchez/CVE-2020-14750	https://github.com/pprietosanchez/CVE-2020-14750
QmF0c3UK/CVE-2020-14882	https://github.com/QmF0c3UK/CVE-2020-14882
wsfengfan/cve-2020-14882	https://github.com/wsfengfan/cve-2020-14882
NS-Sp4ce/CVE-2020-14882	https://github.com/NS-Sp4ce/CVE-2020-14882

GitHub Search Results: Up to 10

Name	URL
jas502n/CVE-2020-14882	github.com
zhzyker/exphub	github.com
0xn0ne/weblogicScanner	github.com
GGyao/CVE-2020-14882_ALL	github.com
s1kr10s/CVE-2020-14882	github.com
RedTeamWing/CVE-2020-14882	github.com
pprietosanchez/CVE-2020-14750	github.com
QmF0c3UK/CVE-2020-14882	github.com
wsfengfan/cve-2020-14882	github.com
NS-Sp4ce/CVE-2020-14882	github.com

2023/02/27 Score : 0
Added Har-sia Database : 2020/10/21
Last Modified : 2023/02/27
Highest Scored Date : 2020/10/30
Highest Score : 132