⚠ Actively exploited
Added to CISA KEV on 2025-01-07. Federal agencies required to patch by 2025-01-28. Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CVE-2020-2883: Oracle Corporation WebLogic Server vulnerability

18 documents, 13 sources
Severity: 9.8 CRITICAL (NVD)
EPSS: 94.4% (top 0.04%)
CISA KEV: added 2025-01-07, due 2025-01-28
Exploit: exploited in the wild, active exploitation observed
Timeline
Published: Apr 15 (2020)
KEV added: Jan 7 (2025)
KEV due: Jan 28 (2025)
Latest update: Sep 18 (2025)

Description

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVS
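The description says everything an attacker needs: no credentials, a reachable T3 or IIOP listener, and one of four version lines. The first thing a responder wants is a way to find which hosts in an estate answer the T3 handshake and report one of those lines. The script below is an added example written for this page; it is not code from cvebase, Oracle, Metasploit or the Nuclei template listed further down. It sends the standard T3 client hello (the same banner exchange the public T3 fingerprints use), parses the `HELO:` reply for the version, and matches it against the affected list from the description. The `SAMPLE_*` replies are constructed inline so the parsing runs offline; `probe_t3` is the only function that touches the network.

```python
import re
import socket
from typing import Optional, Tuple

# Version lines named as affected in the CVE description.
AFFECTED_VERSIONS = ("10.3.6.0.0", "12.1.3.0.0", "12.2.1.3.0", "12.2.1.4.0")

# Standard T3 client hello. A WebLogic T3 listener answers with its own
# HELO line carrying the server version (e.g. "HELO:12.2.1.4.0.false").
T3_HELLO = b"t3 12.2.1\nAS:255\nHL:19\n\n"

# Constructed sample replies for offline use; not captured from any real host.
SAMPLE_HELO_AFFECTED = b"HELO:12.2.1.4.0.false\nAS:2048\nHL:19\nMS:10000000\n\n"
SAMPLE_HELO_OTHER = b"HELO:14.1.1.0.0.false\nAS:2048\nHL:19\nMS:10000000\n\n"
SAMPLE_NOT_T3 = b"HTTP/1.1 400 Bad Request\r\n\r\n"


def parse_t3_helo(reply: bytes) -> Optional[str]:
    """Return the version string from a T3 HELO reply, or None if it is not T3."""
    m = re.match(rb"HELO:(\d+(?:\.\d+)*)", reply)
    return m.group(1).decode("ascii") if m else None


def version_tuple(version: str, width: int = 5) -> Tuple[int, ...]:
    """Normalise '10.3.6.0' and '10.3.6.0.0' to the same fixed-width tuple."""
    parts = [int(p) for p in version.split(".")]
    parts += [0] * (width - len(parts))
    return tuple(parts[:width])


def is_affected_version(version: str) -> bool:
    return version_tuple(version) in {version_tuple(v) for v in AFFECTED_VERSIONS}


def assess(reply: bytes) -> dict:
    """Classify a raw reply: is it T3, which version, and is that an affected line."""
    version = parse_t3_helo(reply)
    if version is None:
        return {"t3": False, "version": None, "affected_line": False}
    return {"t3": True, "version": version, "affected_line": is_affected_version(version)}


def probe_t3(host: str, port: int = 7001, timeout: float = 5.0) -> bytes:
    """Send the T3 hello to a live listener and return the raw reply (network call)."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(T3_HELLO)
        return sock.recv(1024)


if __name__ == "__main__":
    for sample in (SAMPLE_HELO_AFFECTED, SAMPLE_HELO_OTHER, SAMPLE_NOT_T3):
        print(assess(sample))
```

Two caveats before acting on a hit. The HELO version does not change when the April 2020 Critical Patch Update is applied, so `affected_line: True` means "confirm patch level on the host", not "vulnerable". And this only covers T3; the description lists IIOP as a second unauthenticated path, so an IIOP listener on a server with T3 filtered off still needs to be checked and patched.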

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (2 packages)

NVD: oracle/weblogic_server, 4 versions (+3)
CVEListV5: oracle_corporation/weblogic_server, 4 versions (+3)

🔴 Vulnerability Details (3)

GHSA: GHSA-9x8q-p3qp-r24w: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core) (2022-05-24)
CVEList: CVE-2020-2883: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core) (2020-04-15)
VulnCheck: Oracle WebLogic Server Unspecified Vulnerability (2020)

💥 Exploits & PoCs (2)

Metasploit: WebLogic Server Deserialization RCE BadAttributeValueExpException ExtComp
Nuclei: Oracle WebLogic Server - Remote Code Execution

📋 Vendor Advisories (3)

CISA ICS: Hitachi Energy Service Suite (2025-09-18)
CISA: Oracle WebLogic Server Unspecified Vulnerability (2025-01-07)
Oracle: Oracle Fusion Middleware Risk Matrix: Core, CVE-2020-2883 (2020-04-15)

🕵️ Threat Intelligence (9)

Bleepingcomputer: CISA warns of critical Oracle, Mitel flaws exploited in attacks (2025-01-07)
Tenable: CVE-2020-14882: Oracle WebLogic Remote Code Execution Vulnerability Exploited in the Wild (2020-10-29)
Tenable: Oracle Critical Patch Update for October 2020 Addresses 402 Security Updates (2020-10-21)
Tenable: Oracle Critical Patch Update for July 2020 Tops Previous Record with 443 Security Updates (2020-07-15)
Tenable: CVE-2020-2883: Oracle WebLogic Deserialization Vulnerability Exploited in the Wild (2020-05-13)
CVE-2020-2883 — CRITICAL severity | cvebase