Service Notices
CVE-2020-14882: Weblogic Console Remote Code Execution Vulnerability (Patch Bypass)
Nov 04, 2020 GMT+08:00
I. Overview
Recently, we detected that the latest patch for CVE-2020-14882, the WebLogic Console Remote Code Execution Vulnerability, can be bypassed. Even with that patch installed, remote attackers can still send specially crafted HTTP requests to take over WebLogic Server without authentication. Oracle has not yet released a patch for this bypass. Affected customers are advised to apply temporary mitigation measures as soon as possible to prevent intrusion.
II. Severity
Severity: important
(Severity scale: low, moderate, important, critical)
III. Affected Products
WebLogic 10.3.6.0.0
WebLogic 12.1.3.0.0
WebLogic 12.2.1.3.0
WebLogic 12.2.1.4.0
WebLogic 14.1.1.0.0
IV. Vulnerability Handling
Oracle has not yet released a patch for this bypass. Until one is available, we recommend temporarily blocking external access to the WebLogic administration console path /console/console.portal, so that the console is reachable only from trusted management networks.
Note: Back up your files and test the change thoroughly before applying it.
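One way to verify that the mitigation above is in effect is to review the WebLogic HTTP access log for console requests that arrived from outside the management network and were still served. The following is an added example, not code from the original notice or from Oracle; the log lines, IP addresses and the 10.0.0.0/8 management range are constructed assumptions to be adjusted for the real environment.

```python
import ipaddress
import re
from typing import Dict, List

# Constructed sample lines in the Common Log Format that WebLogic's
# access.log uses by default; hosts and paths are made up for this example.
SAMPLE_LOG = """\
10.0.1.15 - - [04/Nov/2020:10:12:01 +0800] "GET /console/console.portal HTTP/1.1" 200 8231
203.0.113.7 - - [04/Nov/2020:10:12:05 +0800] "GET /console/login/LoginForm.jsp HTTP/1.1" 200 4120
203.0.113.7 - - [04/Nov/2020:10:12:09 +0800] "POST /console/console.portal?_nfpb=true HTTP/1.1" 403 1532
198.51.100.2 - - [04/Nov/2020:10:13:00 +0800] "GET /app/index.jsp HTTP/1.1" 200 903
"""

# Assumption: the only network that should still reach the console after the
# mitigation is applied. Replace with the real management network(s).
ADMIN_NETWORKS = [ipaddress.ip_network("10.0.0.0/8")]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def is_admin_source(ip: str) -> bool:
    """True if the client address belongs to an allowed management network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ADMIN_NETWORKS)


def is_console_request(path: str) -> bool:
    """True if the request targets the admin console (path only, case-insensitive)."""
    return path.split("?", 1)[0].lower().startswith("/console/")


def external_console_hits(log_text: str) -> List[Dict]:
    """Return every console request from a non-management address.

    'served' is True when the server answered with a non-error status, i.e.
    the console was still reachable from outside despite the mitigation.
    """
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_console_request(m["path"]) or is_admin_source(m["ip"]):
            continue
        status = int(m["status"])
        hits.append({"ts": m["ts"], "ip": m["ip"], "method": m["method"],
                     "path": m["path"], "status": status, "served": status < 400})
    return hits


def mitigation_effective(log_text: str) -> bool:
    """The block is working only if no external console request was served."""
    return not any(h["served"] for h in external_console_hits(log_text))


if __name__ == "__main__":
    for hit in external_console_hits(SAMPLE_LOG):
        print(("SERVED  " if hit["served"] else "blocked ") + f"{hit['ip']} {hit['method']} {hit['path']} ({hit['status']})")
    print("mitigation effective:", mitigation_effective(SAMPLE_LOG))
```

Any line reported as SERVED means the console is still answering requests from outside the management network and the access restriction must be revisited.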