CVE-2020-2883 - Oracle WebLogic Server Unspecified Vulnerability

CVE ID:CVE-2020-2883

Project:Oracle

Product:WebLogic Server

Date Added:2025-01-07Due Date:2025-01-28

Vulnerability Name

Oracle WebLogic Server Unspecified Vulnerability

Description

Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP or T3.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.oracle.com/security-alerts/cpuapr2020.html

https://nvd.nist.gov/vuln/detail/CVE-2020-2883

Top Security News

Latest CVE List

Top Alert List

CSP
Content Security Policy (CSP) Header Not Set
MediumAbsence of Anti-CSRF Tokens
MediumMissing Anti-clickjacking Header
InformationalInformation Disclosure - Suspicious Comments
LowCross-Domain JavaScript Source File Inclusion
MediumContent Security Policy (CSP) Header Not Set
LowTimestamp Disclosure - Unix
LowCSP: X-Content-Security-Policy
InformationalRe-examine Cache-control Directives