id: CVE-2020-2551 info: name: Oracle WebLogic Server - Remote Code Execution author: dwisiswant0 severity: critical description: | Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated attackers with network access via IIOP to compromise Oracle WebLogic Server. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system. remediation: | Apply the latest security patches provided by Oracle to mitigate this vulnerability. reference: - https://github.com/hktalent/CVE-2020-2551 - https://nvd.nist.gov/vuln/detail/CVE-2020-2551 - https://www.oracle.com/security-alerts/cpujan2020.html - https://github.com/neilzhang1/Chinese-Charts - https://github.com/pjgmonteiro/Pentest-tools classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2020-2551 epss-score: 0.97537 epss-percentile: 0.99993 cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:* metadata: max-request: 1 vendor: oracle product: weblogic_server shodan-query: - http.title:"oracle peoplesoft sign-in" - product:"oracle weblogic" fofa-query: title="oracle peoplesoft sign-in" google-query: intitle:"oracle peoplesoft sign-in" tags: cve2020,cve,oracle,weblogic,rce,unauth,kev http: - method: GET path: - "{{BaseURL}}/console/login/LoginForm.jsp" matchers-condition: and matchers: - type: word part: body words: - "10.3.6.0" - "12.1.3.0" - "12.2.1.3" - "12.2.1.4" condition: or - type: word part: body words: - "WebLogic" - type: status status: - 200 # digest: 4a0a0047304502207e50b3ed9b29a0f0d8605b097970e019fd2100d1d0e91bf8e365492902e9eebd022100d65f279db6a7c16f47e45df961647a5cef50a390314f103ec019198b745c9136:922c64590222798bb761d5b6d8e72950