Oracle WebLogic Server Unspecified Vulnerability

Added Jan. 7, 2025 • Due Jan. 28, 2025 • CVE-2020-2883

Overdue Oracle / WebLogic Server

Description

Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP or T3.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

https://www.oracle.com/security-alerts/cpuapr2020.html
https://nvd.nist.gov/vuln/detail/CVE-2020-2883

Additional Information

Catalog Version: 2025.01.24
Catalog Released: Jan. 24, 2025
Days Until Due: 0 days
Last Updated: 7 months, 2 weeks ago