Recently, we detected that the latest patch of CVE-2020-14882, Oracle Weblogic Console Remote Code Execution vulnerability can be bypassed. The vulnerability level is critical. The CVSS 3.1 Base Score is 9.8. Oracle fixed this vulnerability. However, with the latest Oracle patch installed on Weblogic, remote attackers can still construct special HTTP requests to take over WebLogic Server without authentication.
The post CVE-2020-14882: Weblogic Console Remote Code Execution Vulnerability (Patch Bypass) Alert appeared first on InfoTech News.