Published: 15/07/2020 Updated: 20/07/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 670

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle weblogic server 12.2.1.3.0
oracle weblogic server 12.2.1.4.0
oracle weblogic server 14.1.1.0.0

Articles accumulated by the 360Quake team.

Papers Articles accumulated by the 360Quake team quake360cn/quake/#/report Title Date 浅析 CobaltStrike钓鱼网站检测 2021-06-11 浅析 Cobalt Strike Team Server扫描 2021-04-15 浅析开源蜜罐识别 2020-12-18 SolarWinds失陷服务器测绘分析报告 2020-12-16 TLS server-side tagging 2020-12-14 利用JARM指纹进行TLS服务端标记

cve-2020-14644 exploit 欢迎关注宽字节安全公众号

cve-2020-14644 漏洞环境

cve-2020-14644 cve-2020-14644 漏洞环境

cve-2020-14644 漏洞环境

cve-2020-14644 cve-2020-14644 漏洞环境

Tổng quan CVE-2022-21445 (điểm CVSS 9,8), lỗ hổng là sự giải mã dữ liệu không đáng tin, được xác định tồn tại trong ADF Faces component, có thể bị tin tặc khai thác từ xa mà không cần xác thực (pre-authentication) để thực hiện RCE Lỗ hổng trên được

NVD-CWE-noinfo https://www.oracle.com/security-alerts/cpujul2020.html https://nvd.nist.gov https://github.com/360quake/papers

CVE-2020-14644

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect