The version of Oracle WebLogic Server installed on the remote host is affected by a remote code execution vulnerability in the Oracle Fusion Middleware Console subcomponent. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP request, to execute arbitrary commands.
No reliable remote exploit has been published for Oracle WebLogic Server 10.3.6.X or 12.1.3.X, so Nessus will not be able to determine if the remote server is affected or not for these versions.
Binary data oracle_weblogic_server_CVE-2020-14882.nbin
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | fusion_middleware | cpe:/a:oracle:fusion_middleware | |
oracle | weblogic_server | cpe:/a:oracle:weblogic_server |