CVE-2020-2555 - Oracle Multiple Products Remote Code Execution Vulnerability

CVE-2020-2555: Oracle | Multiple Products

Date Added:
2021-11-03

Due Date:
2022-05-03

Vulnerability Name: Oracle Multiple Products Remote Code Execution Vulnerability

Description: Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).

Known To Be Used in Ransomware Campaigns?: Unknown

Action: Apply updates per vendor instructions.

Additional Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-2555

Related News Articles: Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackersJanuary 8, 2025

Free online web security scanner

Don't show website scan report rating on the leaderboard