54 lines
1.7 KiB
YAML
54 lines
1.7 KiB
YAML
id: CVE-2020-2551
|
|
|
|
info:
|
|
name: Oracle WebLogic Server - Remote Code Execution
|
|
author: dwisiswant0
|
|
severity: critical
|
|
description: |
|
|
Oracle WebLogic Server (Oracle Fusion Middleware (component: WLS Core Components) is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated attackers with network access via IIOP to compromise Oracle WebLogic Server.
|
|
remediation: |
|
|
Apply the latest security patches provided by Oracle to mitigate this vulnerability.
|
|
reference:
|
|
- https://github.com/hktalent/CVE-2020-2551
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2020-2551
|
|
- https://www.oracle.com/security-alerts/cpujan2020.html
|
|
classification:
|
|
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
|
cvss-score: 9.8
|
|
cve-id: CVE-2020-2551
|
|
epss-score: 0.9746
|
|
epss-percentile: 0.99949
|
|
cpe: cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*
|
|
metadata:
|
|
max-request: 1
|
|
vendor: oracle
|
|
product: weblogic_server
|
|
tags: cve,cve2020,oracle,weblogic,rce,unauth
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/console/login/LoginForm.jsp"
|
|
|
|
matchers-condition: and
|
|
matchers:
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "10.3.6.0"
|
|
- "12.1.3.0"
|
|
- "12.2.1.3"
|
|
- "12.2.1.4"
|
|
condition: or
|
|
|
|
- type: word
|
|
part: body
|
|
words:
|
|
- "WebLogic"
|
|
|
|
- type: status
|
|
status:
|
|
- 200
|
|
|
|
# digest: 4a0a0047304502205987de76b6b510b7b1e796f687c373ca8ba3d9d5d6bec901043a6b12864f5647022100db5c3f18f12ea31b44ceb8678c21cd0ac40f75de4b89b0bd3a468254430fbd7f:922c64590222798bb761d5b6d8e72950
|