Reference:
Advisory #2020-033
Version:
1.0
Affected software:
Oracle Weblogic Server 10.3.6
Oracle Weblogic Server 12.1.3
Oracle Weblogic Server 12.2.1.3
Oracle Weblogic Server 12.2.1.4
Oracle Weblogic Server 14.1.1.0
Type:
Remote Code Execution (RCE)
CVE/CVSS:
CVE-2020-14882 - 9.8 CVSS V3(CRITICAL)
Sources
https://testbnull.medium.com/weblogic-rce-by-only-one-get-request-cve-2020-14882-analysis-6e4b09981dbf (Foreign language)
Risks
CVE-2020-14882 can be exploited by an unauthenticated attacker by sending a simple HTTP GET request leading to a full compromise of a vulnerable system.
Description
There is increased activity by threat actors scanning the Internet for servers running vulnerable installations of Oracle WebLogic Server, in an attempt to exploit the critical flaw tracked as CVE-2020-14882. The vulnerability lies in the WebLogic Administration Console and can be exploited by an unauthenticated attacker with a single HTTP GET request, leading to a full compromise of the vulnerable system. Oracle fixed the vulnerability in its October 2020 Critical Patch Update (CPU).
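As a triage aid for the affected-version list above, the following Python snippet (an added example, not part of the CERT.be advisory or of any Oracle tooling) parses the banner printed by `java weblogic.version` and reports whether the installation belongs to one of the release lines named in this advisory. The banner strings are constructed sample input. Note that the version string identifies the release line only; it does not tell you whether the October 2020 CPU has been applied, so an "affected" result means "check the patch inventory", not "confirmed vulnerable".

```python
import re

# Release lines listed under "Affected software" in CERT.be Advisory #2020-033.
AFFECTED_RELEASES = ("10.3.6", "12.1.3", "12.2.1.3", "12.2.1.4", "14.1.1.0")

# `java weblogic.version` prints a line such as
# "WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621".
VERSION_RE = re.compile(r"WebLogic Server\s+(\d+(?:\.\d+)+)")


def parse_version(banner):
    """Extract the numeric version from a weblogic.version banner.

    Returns a tuple of ints (e.g. (12, 2, 1, 4, 0)) or None if no
    'WebLogic Server x.y.z' token is present in the text.
    """
    match = VERSION_RE.search(banner)
    if not match:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def is_affected_release(version):
    """True if the version tuple falls in an affected release line.

    The advisory lists release lines (12.2.1.3), while installations
    report a longer string (12.2.1.3.0), so compare on the prefix.
    """
    for release in AFFECTED_RELEASES:
        release_tuple = tuple(int(part) for part in release.split("."))
        if version[: len(release_tuple)] == release_tuple:
            return True
    return False


def triage(banner):
    """Classify one banner for CVE-2020-14882 follow-up.

    'affected'      - release line is in the advisory; verify that the
                      October 2020 CPU is installed (e.g. via OPatch).
    'not_listed'    - release line is not named in the advisory.
    'unrecognised'  - no WebLogic version found in the input.
    """
    version = parse_version(banner)
    if version is None:
        return "unrecognised"
    return "affected" if is_affected_release(version) else "not_listed"


if __name__ == "__main__":
    # Constructed sample banners (not captured from real hosts).
    samples = [
        "WebLogic Server 12.2.1.4.0 Thu Sep 12 04:04:29 GMT 2019 1974621",
        "WebLogic Server 10.3.6.0 Tue Nov 15 08:52:36 PST 2011 1441050",
        "WebLogic Server 12.2.1.2.0 Tue Oct 11 05:00:00 PDT 2016 1826253",
        "bash: java: command not found",
    ]
    for banner in samples:
        print(f"{triage(banner):13s} <- {banner}")
```

Run it on each managed server's domain (after sourcing `setWLSEnv.sh`) and feed the output of `java weblogic.version` into `triage()`; anything reported as "affected" should then be checked against the installed patch inventory rather than assumed safe.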
Recommended Actions
CERT.be recommends that system administrators install the updates released by the vendor for the affected versions (Oracle Critical Patch Update, October 2020):
https://www.oracle.com/security-alerts/cpuoct2020.html
Until the update is applied, the WebLogic Administration Console should not be reachable from untrusted networks, since the vulnerable component is the console itself.
References
https://www.oracle.com/security-alerts/cpuoct2020.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14882
https://www.bleepingcomputer.com/news/security/critical-oracle-weblogic-flaw-actively-targeted-in-attacks/