Oracle Security Alert for CVE-2020-14750

This Security Alert addresses CVE-2020-14750, a vulnerability in Oracle WebLogic Server for remote code execution. This vulnerability is identified with CVE-2020-14882, which was tended to in the October 2020 Critical Patch Update.  It is remotely exploitable without authentication, i.e., might be misused over an organization without the requirement for a username and password.

The Security Alert Advisory is the beginning stage for pertinent data. It incorporates a synopsis of the security weakness, and a pointer to acquire the most recent patches.  Supported products not specified in the ‘Products and Versions affected’ section of the advisory do not require new patches to be applied.   Likewise, it is basic to survey the Security Alert supporting documentation referred to in the Advisory prior to applying patches, as this is the place where you can discover significant relevant data.

It fixed 402 vulnerabilities across various product families. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0.

“Due to the severity of this vulnerability and the publication of exploit code on various sites, Oracle strongly recommends that customers apply the updates provided by this Security Alert as soon as possible.”

The Cybersecurity and Infrastructure Security Agency (CISA) also published an alert related to the vulnerability that urges users and administrators to apply the security update.

Oracle has released an out-of-band security alert to address a remote code execution vulnerability—CVE-2020-14750—in Oracle WebLogic Server. A remote attacker can exploit this vulnerability to take control of an affected system.” reads the alert. “The Cybersecurity and Infrastructure Security Agency (CISA) urges users and administrators to review the Oracle Security Alert and apply the necessary updates.”

Solution IDsk170375
Severity9
ProductSecurity Gateway
VersionR80.40
OSGaia
Date Created11-03-2020
Last Modified11-04-2020
Date Published11-01-2020
Date Added11-02-2020

Solution(s)

  • oracle-weblogic-10_3_6_0_0-apply-patch-32097188
  • oracle-weblogic-12_1_3_0_0-apply-patch-32097177
  • oracle-weblogic-12_2_1_3_0-apply-patch-32097173
  • oracle-weblogic-12_2_1_4_0-apply-patch-32097167
  • oracle-weblogic-14_1_1_0_0-apply-patch-32097180
  • oracle-weblogic-cve-2020-14750

13 thoughts on “Oracle Security Alert for CVE-2020-14750

  1. You ought to likewise work with a supplier that can be gotten to by a wide range on a wide scope of telephones and portable administrations. Nelli Jae Willmert

  2. If some one wishes expert view concerning running a blog after that i propose him/her to pay a visit this webpage, Keep up the nice work. Cindy Ab Doug

Leave a Reply

Your email address will not be published. Required fields are marked *