ORACLE WEBLOGIC SERVER RCE FLAW UNDER ACTIVE ATTACK
11/03/2020

According to Oracle, the attack is “low” in complexity, requires no privileges and no user interaction and can be exploited by attackers with network access via HTTP.

Recently Oracle released fixed a flaw in the console component of the WebLogic Server CVE2020-14882, which ranks 9.8 out of 10 on the CVSS scale. Hackers are scanning the Internet for systems that have yet to patch this flaw that force Oracle’s WebLogic server to execute malicious code.

  • Recently Oracle released fixed a flaw in the console component of the WebLogic Server CVE-2020-14882, which ranks 9.8 out of 10 on the CVSS scale.

  • Hackers are scanning the Internet for systems that have yet to patch this flaw that force Oracle’s WebLogic server to execute malicious code.

  • According to Oracle, the attack is “low” in complexity, requires no privileges and no user interaction and can be exploited by attackers with network access via HTTP.

 

 

Oracle