CVE-2020-2555 - Oracle Multiple Products Remote Code Execution Vulnerability
Project:Oracle
Product:Multiple Products
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Oracle Multiple Products Remote Code Execution Vulnerability
Description
Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-2555
Related News Articles
Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackersJanuary 8, 2025