CVE-2020-2883

Description from NVD

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Information Acquisition Date: 2021-04-27T10:41Z
CVSS 2.0: 7.5 HIGH    CVSS 3.x: 9.8 CRITICAL

CVSS3 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

https://www.oracle.com/security-alerts/cpuapr2020.html (source: MISC; tags: Vendor Advisory)
https://www.zerodayinitiative.com/advisories/ZDI-20-504/ (source: MISC)
https://www.zerodayinitiative.com/advisories/ZDI-20-570/ (source: MISC)
http://packetstormsecurity.com/files/157950/WebLogic-Server-Deserialization-Remote-Code-Execution.html (source: MISC)

This vulnerability may involve a PoC.

Description from Forti

Oracle Weblogic ExtractorComparator Insecure Deserialization

This indicates an attack attempt to exploit an Insecure Deserialization Vulnerability in Oracle WebLogic Server. A remote attacker could exploit this vulnerability by encrypting a crafted serialized object and sending it in a crafted T3 message to the target server. Successful exploitation can result in arbitrary code execution under the security context of the affected server.

Information Acquisition Date: 2020/06/01

Affected Products

Oracle WebLogic Server 10.3.6.0.0
Oracle WebLogic Server 12.1.3.0.0
Oracle WebLogic Server 12.2.1.3.0
Oracle WebLogic Server 12.2.1.4.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.oracle.com/security-alerts/cpuapr2020.html


Software Tags: Linux (1 tweet), Weblogic (2 tweets)

List of frequently cited URLs

URL | Num of Times Referred to
http://newsbythehour.org/cybr | 32
https://lists.astaro.com/ASGV9-IPS-rules.html | 27
https://bit.ly/2yxYVL3 | 5
https://www.us-cert.gov/ncas/current-activity/2020/05/01/un... | 5
https://github.com/hktalent/CVE_2020_2546 | 4
https://www.zdnet.com/article/oracle-warns-of-attacks-again... | 4
https://www.tenable.com/blog/cve-2020-2883-oracle-weblogic-... | 4
https://ift.tt/2WaXDxi | 3
https://twitter.com/piedpiper1616/status/1259431538531332096 | 3
http://seclists.org/cert/2020/112 | 3
https://threatpost.com/oracle-unpatched-versions-of-weblogi... | 3
https://www.oracle.com/security-alerts/cpuapr2020.html | 3
https://blogs.oracle.com/security/apply-april-2020-cpu | 3
http://tweetedtimes.com/thinksnews?s=tnp | 3
https://www.zerodayinitiative.com/blog/2020/5/8/details-on-... | 3

Information from Twitter

User | URL | Info | Source | Tweet ID | Date
hack_git | https://github.com/hktalent/CVE_2020_2546 | Source | hack_git | 1635299226899951616 | 2023/03/14
hack_git | https://t.me/hackgit/7881 | Source | hack_git | 1635299226899951616 | 2023/03/14
hack_git | https://twitter.com/hack_git/status/1635299226899951616/pho... | Source | hack_git | 1635299226899951616 | 2023/03/14
ksg93rd | https://github.com/regorsec/Linux-Post-Exploitation | Source | ksg93rd | 1635324522894336001 | 2023/03/14

GitHub Search Results: Up to 10
Name | URL
zhzyker/exphub https://github.com/zhzyker/exphub
Y4er/CVE-2020-2883 https://github.com/Y4er/CVE-2020-2883
hktalent/CVE_2020_2546 https://github.com/hktalent/CVE_2020_2546
zzwlpx/weblogicPoc https://github.com/zzwlpx/weblogicPoc
Y4er/WebLogic-Shiro-shell https://github.com/Y4er/WebLogic-Shiro-shell
MagicZer0/Weblogic_CVE-2020-2883_POC https://github.com/MagicZer0/Weblogic_CVE-2020-2883_POC
Al1ex/CVE-2020-2883 https://github.com/Al1ex/CVE-2020-2883
FancyDoesSecurity/CVE-2020-2883 https://github.com/FancyDoesSecurity/CVE-2020-2883
zhzyker/vulmap https://github.com/zhzyker/vulmap
0xn0ne/weblogicScanner https://github.com/0xn0ne/weblogicScanner

2023/03/14 Score : 2
Added Har-sia Database : 2020/04/15
Last Modified : 2023/03/14
Highest Scored Date : 2020/05/02
Highest Score : 55