nuclei-templates/http/cves/2020/CVE-2020-2551.yaml

49 lines
1.4 KiB
YAML

id: CVE-2020-2551
info:
name: Oracle WebLogic Server - Remote Code Execution
author: dwisiswant0
severity: critical
description: |
Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated attackers with network access via IIOP to compromise Oracle WebLogic Server.
reference:
- https://github.com/hktalent/CVE-2020-2551
- https://nvd.nist.gov/vuln/detail/CVE-2020-2551
- https://www.oracle.com/security-alerts/cpujan2020.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2020-2551
cpe: cpe:2.3:a:oracle:weblogic_server:*:*:*:*:*:*:*:*
epss-score: 0.97281
tags: cve,cve2020,oracle,weblogic,rce,unauth
metadata:
max-request: 1
http:
- method: GET
path:
- "{{BaseURL}}/console/login/LoginForm.jsp"
matchers-condition: and
matchers:
- type: word
words:
- "10.3.6.0"
- "12.1.3.0"
- "12.2.1.3"
- "12.2.1.4"
condition: or
part: body
- type: word
words:
- "WebLogic"
part: body
- type: status
status:
- 200
# Enhanced by mp on 2022/03/25