CVSS3: 9.8 High
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS2: 10 High
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching, CacheStore, Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Recent assessments:
ccondon-r7 at January 29, 2021 5:47pm UTC reported:
Since this got a little more attention later in 2020, it's probably good to note here that there are a number of different implementations of Oracle Coherence, and the likeliest attack vector that we've seen is WebLogic Server. WebLogic had a number of vulnerabilities that were exploited in the wild (some widely, e.g., CVE-2020-14882 and CVE-2020-14750) in 2020. Definitely a good idea to keep tight WebLogic patch cycles whenever possible.
space-r7 at May 15, 2020 7:02pm UTC reported:
gwillcox-r7 at October 20, 2020 6:53pm UTC reported:
Assessed Attacker Value: 4
Assessed Attacker Value: 4
Assessed Attacker Value: 3
packetstormsecurity.com/files/157054/Oracle-Coherence-Fusion-Middleware-Remote-Code-Execution.html
packetstormsecurity.com/files/157207/Oracle-WebLogic-Server-12.2.1.4.0-Remote-Code-Execution.html
packetstormsecurity.com/files/157795/WebLogic-Server-Deserialization-Remote-Code-Execution.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2555
www.oracle.com/security-alerts/cpujan2020.html
www.oracle.com/security-alerts/cpujan2021.html
www.oracle.com/security-alerts/cpujul2020.html
www.oracle.com/security-alerts/cpujul2021.html
www.oracle.com/security-alerts/cpuoct2020.html