← back
CVE-2020-2883

CVE-2020-2883

CVSS 9.8 CRITICALEPSS 94.9%● KEV
In short

Oracle WebLogic Server contains a critical flaw that allows attackers on the network to gain complete control of the system without needing a password or user account. This vulnerability affects core functionality and puts sensitive data and business operations at severe risk.

Technical detail

Unauthenticated remote code execution vulnerability in Oracle WebLogic Server (versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0) exploitable via IIOP and T3 protocols with no authentication required. Successful exploitation results in complete compromise of confidentiality, integrity, and availability (CVSS 9.8).

Summary generated and translated by AI from the official description.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Oracle Corporation · WebLogic Server
public PoCs found8
githubgithub.com/Y4er/WebLogic-Shiro-shell532githubgithub.com/Y4er/CVE-2020-2883176githubgithub.com/MagicZer0/Weblogic_CVE-2020-2883_POC15githubgithub.com/Al1ex/CVE-2020-28835githubgithub.com/FancyDoesSecurity/CVE-2020-28832githubgithub.com/Qynklee/POC_CVE-2020-28830githubgithub.com/ZZZWD/CVE-2020-28830cve_referencepacketstormsecurity.com/files/157950/WebLogic-Server-Deserialization-Remote-Code-Execution.htmlunverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://packetstormsecurity.com/files/157950/WebLogic-Server-Deserialization-Remote-Code-Execution.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-2883https://www.oracle.com/security-alerts/cpuapr2020.htmlhttps://www.zerodayinitiative.com/advisories/ZDI-20-504/https://www.zerodayinitiative.com/advisories/ZDI-20-570/