Active Exploitation of Oracle WebLogic Server Vulnerabilities (CVE-2020-14882 and CVE-2020-14883)

Published on 30 Oct 2020

Updated on 30 Oct 2020

Oracle released a critical patch update in October 2020 to address severe WebLogic Server vulnerabilities.

Proof-of-concept exploit code for two of the major vulnerabilities is now publicly available, and there have been reports of active exploitation of these vulnerabilities.

They are:

  • CVE-2020-14882 - An easily exploitable vulnerability in Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 that allows an unauthenticated attacker with network access via HTTP to compromise the Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.
  • CVE-2020-14883 - An easily exploitable vulnerability in Oracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 that allows a high-privileged attacker with network access via HTTP to compromise the Oracle WebLogic Server. Successful exploitation can result in takeover of Oracle WebLogic Server.

Users and system administrators of affected products are advised to install the latest security updates immediately.

More information is available here:

https://www.oracle.com/security-alerts/cpuoct2020traditional.html

https://nvd.nist.gov/vuln/detail/CVE-2020-14882

https://nvd.nist.gov/vuln/detail/CVE-2020-14883