CVE-2020-14859

🗓️ 21 Oct 2020 14:04:29Reported by oracleType

Vulnerability in Oracle WebLogic Server allows takeove

Reporter	Title	Published	Views	Family All 11
BDU FSTEC	The vulnerability of the Core server component of Oracle WebLogic Server allows a hacker to execute arbitrary code.	12 Nov 202000:00	–	bdu_fstec
CVE	CVE-2020-14859	21 Oct 202014:04	–	cve
EUVD	EUVD-2020-6995	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Oracle Fusion Middleware	22 Oct 202000:00	–	ncsc
NVD	CVE-2020-14859	21 Oct 202015:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - October 2020	20 Oct 202000:00	–	oracle
Tenable Nessus	Oracle WebLogic Server Multiple Vulnerabilities (Oct 2020 CPU)	22 Oct 202000:00	–	nessus
Prion	Design/Logic Flaw	21 Oct 202015:15	–	prion
RedhatCVE	CVE-2020-14859	5 Feb 202515:58	–	redhatcve
Vulnrichment	CVE-2020-14859	21 Oct 202014:04	–	vulnrichment

[
  {
    "product": "WebLogic Server",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "10.3.6.0.0"
      },
      {
        "status": "affected",
        "version": "12.1.3.0.0"
      },
      {
        "status": "affected",
        "version": "12.2.1.3.0"
      },
      {
        "status": "affected",
        "version": "12.2.1.4.0"
      },
      {
        "status": "affected",
        "version": "14.1.1.0.0"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpuoct2020.html
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-20-1275/

22 Oct 2020 19:06Current

9.4High risk

Vulners AI Score9.4

CVSS 3.19.8

EPSS0.07638