VDB
CNVD-2020-38879
CNVD-2020-38879
PUBLISHED
CVSS 9.800000190734863 CRITICAL
WebLogic是美国Oracle公司出品的一个application server,是一个基于JAVAEE架构的中间件,WebLogic是用于开发、集成、部署和管理大型分布式Web应用、网络应用和数据库应用的Java应用服务器。 Oracle WebLogic Server存在远程代码执行漏洞。攻击者可利用漏洞实现远程代码执行。
Risk Scores
CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Corporation | WebLogic Server | 12.2.1.3.0, 14.1.1.0.0, 12.2.1.4.0 |
| oracle | weblogic_server | 14.1.1.0.0, 12.2.1.3.0, 12.2.1.4.0 |
Exploit Intelligence
- cve-2020-14644 漏洞环境 (github-poc)
- cve-2020-14644 漏洞环境 (github-poc)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-14644 (circl)
- https://www.oracle.com/security-alerts/cpujul2020.html (circl)
- CIRCL exploited: CVE-2020-14644 (circl-sighting)
- CIRCL seen: CVE-2020-14644 (circl-sighting)
- CIRCL seen: CVE-2020-14644 (circl-sighting)
- CIRCL seen: CVE-2020-14644 (circl-sighting)
- CIRCL seen: CVE-2020-14644 (circl-sighting)
- CIRCL seen: CVE-2020-14644 (circl-sighting)
…and 4 more exploits
Timeline
- Jul 14, 2020 CVE Published
- Sep 20, 2024 PoC Published
- Feb 23, 2025 PoC Published
- Aug 18, 2025 PoC Published
- Aug 19, 2025 PoC Published
- Nov 6, 2025 PoC Published
- Feb 2, 2026 PoC Published