{"containers": {"cna": {"affected": [{"product": "WebLogic Server", "vendor": "Oracle Corporation", "versions": [{"status": "affected", "version": "10.3.6.0.0"}, {"status": "affected", "version": "12.1.3.0.0"}, {"status": "affected", "version": "12.2.1.3.0"}, {"status": "affected", "version": "12.2.1.4.0"}]}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS instance is using JDK 1.7.0_191 or later, or JDK 1.8.0_181 or later. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-06-17T13:05:17", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2020-2801", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "WebLogic Server", "version": {"version_data": [{"version_affected": "=", "version_value": "10.3.6.0.0"}, {"version_affected": "=", "version_value": "12.1.3.0.0"}, {"version_affected": "=", "version_value": "12.2.1.3.0"}, {"version_affected": "=", "version_value": "12.2.1.4.0"}]}}]}, "vendor_name": "Oracle Corporation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS instance is using JDK 1.7.0_191 or later, or JDK 1.8.0_181 or later. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}]}, "impact": {"cvss": {"baseScore": "9.8", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server."}]}]}, "references": {"reference_data": [{"name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2020-2801", "datePublished": "2020-04-15T13:29:46", "dateReserved": "2019-12-10T00:00:00", "dateUpdated": "2020-06-17T13:05:17", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update191:*:*:*:*:*:*", "matchCriteriaId": "ED6BF214-B45C-405E-83AC-C8A084A6E4C4", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update191_b31:*:*:*:*:*:*", "matchCriteriaId": "C42421FD-2C8C-4EEC-8FBE-66A24D84D3BA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update191_b32:*:*:*:*:*:*", "matchCriteriaId": "775E7391-3575-4D07-AAC3-A420940A9738", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update201:*:*:*:*:*:*", "matchCriteriaId": "CE7DA784-1D92-4139-8336-75FDF68AC78D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update201_b31:*:*:*:*:*:*", "matchCriteriaId": "FF3A7C77-C7C5-4A06-A5B6-EFEEF9D6AD13", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*", "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21_b31:*:*:*:*:*:*", "matchCriteriaId": "29E8513E-09C8-4679-A84D-7DD50093E5B0", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update211:*:*:*:*:*:*", "matchCriteriaId": "4799C9AF-4B5E-413D-8E50-0B4C386AB2D6", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update211_b31:*:*:*:*:*:*", "matchCriteriaId": "1370785A-D7F7-4059-A2C5-23E587DCA628", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update211_b32:*:*:*:*:*:*", "matchCriteriaId": "04EC96D7-3FC1-4069-8CBD-AE0C1F54F047", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update221:*:*:*:*:*:*", "matchCriteriaId": "CBFFE773-E37C-40E2-91FC-65C758A3B3A5", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update221_b31:*:*:*:*:*:*", "matchCriteriaId": "E3A6A348-649B-4D19-A439-20BA48C8A22C", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update221_b32:*:*:*:*:*:*", "matchCriteriaId": "4060D1C9-3AAD-4020-BB1D-D1CEA1060393", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update221_b34:*:*:*:*:*:*", "matchCriteriaId": "137E5DF0-0F4B-4BD8-BE3D-52556500D6F3", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update221_b35:*:*:*:*:*:*", "matchCriteriaId": "9E9D2C83-86DF-4282-BCC3-611C59AD0360", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update231:*:*:*:*:*:*", "matchCriteriaId": "DF90EC6E-5E6B-4358-AC42-0D7C6A58A4E4", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update231_b32:*:*:*:*:*:*", "matchCriteriaId": "C47EE5B9-93D7-400F-9C82-CBED3954BE43", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update241:*:*:*:*:*:*", "matchCriteriaId": "01981FC7-F8D7-4268-9FF8-2F5968A8ECC9", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update241_b31:*:*:*:*:*:*", "matchCriteriaId": "4B393243-31D7-4B83-997A-D538C46E78DC", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*", "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b33:*:*:*:*:*:*", "matchCriteriaId": "4AE3DEB6-A368-4BFA-AA8B-2D5AEF812199", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b34:*:*:*:*:*:*", "matchCriteriaId": "2A291196-FA04-4897-B2B0-E078C51E8C14", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b35:*:*:*:*:*:*", "matchCriteriaId": "FD014E94-E45B-4DCD-B345-12DDD59F358C", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update251:*:*:*:*:*:*", "matchCriteriaId": "E3B8B378-3211-4E63-873D-A05574B39E14", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update261:*:*:*:*:*:*", "matchCriteriaId": "C9F6C698-54CB-4CBE-BBC9-2A059D419BAC", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update271:*:*:*:*:*:*", "matchCriteriaId": "3D07DCC8-4D24-4B8F-B72E-83DC311BD683", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update271_b31:*:*:*:*:*:*", "matchCriteriaId": "4ADFF222-A3C2-4B93-A6A7-6590ABC47867", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update281:*:*:*:*:*:*", "matchCriteriaId": "F49F15CC-45EE-429D-ACF8-4985F09B7D20", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update281_b32:*:*:*:*:*:*", "matchCriteriaId": "ED935F80-1342-43FC-97BF-21FB30B7158D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update281_b33:*:*:*:*:*:*", "matchCriteriaId": "D863492B-BABD-4C02-ABF3-DF7CAC9724AC", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update291:*:*:*:*:*:*", "matchCriteriaId": "CC7644D5-EEA1-4FA8-8F5E-9C476DACF956", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update291_b31:*:*:*:*:*:*", "matchCriteriaId": "B41ED5F7-5ED0-424C-82EA-362AED0BC427", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update291_b32:*:*:*:*:*:*", "matchCriteriaId": "CC17E1D8-A954-4125-BB89-1C8CC1D1B42C", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update301:*:*:*:*:*:*", "matchCriteriaId": "6B0DA102-863A-43BC-8F61-5ED10DAFDC2F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update301_b31:*:*:*:*:*:*", "matchCriteriaId": "3C75D1F4-A0C6-414F-A639-F922E776CF68", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update311_b31:*:*:*:*:*:*", "matchCriteriaId": "0937BA37-96CC-4E73-A1FC-4EA85E84C438", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update321:*:*:*:*:*:*", "matchCriteriaId": "F3E9DB6B-06BC-47F9-AEB9-E36378A97543", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update321_b31:*:*:*:*:*:*", "matchCriteriaId": "BA62C0FF-F274-401A-AC17-4D7D2124D003", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update331:*:*:*:*:*:*", "matchCriteriaId": "13F6415A-E5FB-4C4D-B1F7-0DEFD0C04376", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update341:*:*:*:*:*:*", "matchCriteriaId": "D382EFFC-2C0A-4C87-8DD4-3A407F4CA424", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update341_b31:*:*:*:*:*:*", "matchCriteriaId": "49E2BED5-D642-443F-B990-417E6B4B4201", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update343:*:*:*:*:*:*", "matchCriteriaId": "6E3C0BA3-FCD3-4CB8-B8C7-F931090A7DBE", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update343_b31:*:*:*:*:*:*", "matchCriteriaId": "315209B0-021C-45EE-A837-798CAE009C2C", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*", "matchCriteriaId": "220536FA-695D-4DE8-9813-494E3D061B78", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*", "matchCriteriaId": "45B89CBB-BF1F-4887-BD28-6D6FB77AD18A", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b31:*:*:*:*:*:*", "matchCriteriaId": "8288A04E-B4C0-499D-B5F0-E93B99C76DE1", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b32:*:*:*:*:*:*", "matchCriteriaId": "55AA22EE-0B24-4768-B8D3-89A8065454EB", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b33:*:*:*:*:*:*", "matchCriteriaId": "DC399FA2-1B97-42D5-980B-20ED438A09EA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b34:*:*:*:*:*:*", "matchCriteriaId": "218A03B4-9443-4312-A63A-F1BE0682868D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*", "matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51_b31:*:*:*:*:*:*", "matchCriteriaId": "E5818404-E88B-4599-A69F-2FE6B6BCEDEE", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51_b32:*:*:*:*:*:*", "matchCriteriaId": "8E3B5FD5-AC9C-4600-A25B-AEDCA65F6B4B", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51_b33:*:*:*:*:*:*", "matchCriteriaId": "71070E11-50BA-4D85-B908-60FBFB2D0AEA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update55:*:*:*:*:*:*", "matchCriteriaId": "6585D343-9DE6-4C78-9C1D-18D4FBF65833", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update55_b31:*:*:*:*:*:*", "matchCriteriaId": "3FBCC7CC-AE86-4009-96BA-ABABE6943475", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update55_b32:*:*:*:*:*:*", "matchCriteriaId": "F2B4DC17-8A2E-4A80-AB4F-07051D75C603", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update55_b33:*:*:*:*:*:*", "matchCriteriaId": "CB3CB4D6-8F95-4965-B2EB-73AF8F44DD6A", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update55_b35:*:*:*:*:*:*", "matchCriteriaId": "1C89E075-6903-4131-BBF9-8595975A53C4", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*", "matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60_b32:*:*:*:*:*:*", "matchCriteriaId": "A557AA8C-75DB-43B1-B6C9-0952D501A3BE", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60_b33:*:*:*:*:*:*", "matchCriteriaId": "7B05D016-0C37-4B1B-BF36-73A4BAB33779", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update65:*:*:*:*:*:*", "matchCriteriaId": "B71B8AB1-3F1D-45FF-8390-CB8689AA735F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update65_b33:*:*:*:*:*:*", "matchCriteriaId": "0E9F5BF4-DC92-45D1-BB7E-5D07A57EC0CC", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update67:*:*:*:*:*:*", "matchCriteriaId": "FCF8778E-09C0-4569-A06F-91B6BC9ABFA3", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update67_b31:*:*:*:*:*:*", "matchCriteriaId": "AEF55048-9894-4AFC-A1DC-562B46A48E69", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update67_b34:*:*:*:*:*:*", "matchCriteriaId": "69A79C98-4080-4546-B585-FC8A00EDD324", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*", "matchCriteriaId": "270DE3F5-C51F-4E62-B532-7773BCF8CC7C", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update71:*:*:*:*:*:*", "matchCriteriaId": "EB2429BA-65AE-4EC5-B6BC-3767651BEC35", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*", "matchCriteriaId": "D95925E1-5761-4CDD-80A0-52939ABF52F8", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72_b31:*:*:*:*:*:*", "matchCriteriaId": "232BE48C-4C94-443B-ABB0-E4A6974D9AC5", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72_b32:*:*:*:*:*:*", "matchCriteriaId": "E9795F1B-54ED-4174-859D-4FDF2608C811", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72_b33:*:*:*:*:*:*", "matchCriteriaId": "D1ACB042-7BCF-44E5-9B84-D59D82E2AFAA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update75:*:*:*:*:*:*", "matchCriteriaId": "D084DBE9-BF2F-4A9B-8FDE-A9A608E6B40F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76:*:*:*:*:*:*", "matchCriteriaId": "A2C5FA21-4D3B-4739-92A1-B87A1A63F29B", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b32:*:*:*:*:*:*", "matchCriteriaId": "54A23370-3A61-4995-87D8-F103BB2984DA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b33:*:*:*:*:*:*", "matchCriteriaId": "D5D43544-F804-45FE-89B5-F88074300FDC", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b34:*:*:*:*:*:*", "matchCriteriaId": "C207D015-0899-4687-8C08-2A6FDEBF5C1F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b35:*:*:*:*:*:*", "matchCriteriaId": "1FAF8BF9-4CBB-40E0-AE5E-5F93131781CA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b36:*:*:*:*:*:*", "matchCriteriaId": "2EC63FDE-9011-435A-9EDE-7F5669CF9485", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b37:*:*:*:*:*:*", "matchCriteriaId": "66EBB3EC-7ABE-417E-8F13-48E71B8EC9CF", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76_b38:*:*:*:*:*:*", "matchCriteriaId": "69BF4665-B44D-471E-B7A0-8315869693E3", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update79:*:*:*:*:*:*", "matchCriteriaId": "EF452639-C3C1-4E61-93EA-B63D2E53B4A9", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80:*:*:*:*:*:*", "matchCriteriaId": "18FB6138-2B3D-4C4B-8647-3D1646165641", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80_b33:*:*:*:*:*:*", "matchCriteriaId": "14F65476-754F-41DB-92E3-F267E3473348", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update80_b35:*:*:*:*:*:*", "matchCriteriaId": "BA91D829-F6DD-4D88-889A-DA7264F8A50D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*", "matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85_b31:*:*:*:*:*:*", "matchCriteriaId": "A359F4F0-31D3-4B1E-9A6A-189B48BD0E13", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85_b33:*:*:*:*:*:*", "matchCriteriaId": "07C92311-3C24-4B95-A54E-1CFEB90FBD9D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85_b34:*:*:*:*:*:*", "matchCriteriaId": "B53372E0-D7B2-49B9-920B-4987CDCCFF6F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*", "matchCriteriaId": "5ED1BA76-BCA4-483F-B238-39FA792984BC", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*", "matchCriteriaId": "D450D249-DD3B-435F-B006-C44A215A3DC4", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*", "matchCriteriaId": "4B0EF44A-833C-4B9D-824A-5E0FFFBA8340", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update91_b17:*:*:*:*:*:*", "matchCriteriaId": "BD2CA6C0-4B01-4F6D-8D86-B46766FF93B8", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update91_b32:*:*:*:*:*:*", "matchCriteriaId": "674888AE-128F-40AD-92BC-EB217A23288D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update91_b33:*:*:*:*:*:*", "matchCriteriaId": "E98EF351-F733-404F-9DB8-E7D26BB71207", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update95:*:*:*:*:*:*", "matchCriteriaId": "A3B6676E-CF9C-4680-B5E5-641C08284D2A", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update95_b13:*:*:*:*:*:*", "matchCriteriaId": "F5216DEF-286C-4E35-8A1B-B45E4EE4B0C6", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update95_b31:*:*:*:*:*:*", "matchCriteriaId": "D02E9DD2-C2FB-4BEF-8F45-454C92F33A75", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update95_b32:*:*:*:*:*:*", "matchCriteriaId": "AFB8D297-3AC3-4F68-9B55-4E27B5AB4728", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update97:*:*:*:*:*:*", "matchCriteriaId": "9F65C05E-84C6-47E9-80D2-00C4EAD3298F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update97_b31:*:*:*:*:*:*", "matchCriteriaId": "8D75D817-A043-4590-B47F-2DF8303BD852", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update97_b32:*:*:*:*:*:*", "matchCriteriaId": "FFBD6B7A-3155-49F6-9EDE-05604AE6958E", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update97_b33:*:*:*:*:*:*", "matchCriteriaId": "9EE8CF35-448C-4D64-BA88-08489740A551", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update99:*:*:*:*:*:*", "matchCriteriaId": "C3D13189-1F7B-482F-ABF7-CC8D563716C8", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update99_b31:*:*:*:*:*:*", "matchCriteriaId": "59C60EA2-C65E-451F-B441-E9D840035DD0", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update181:*:*:*:*:*:*", "matchCriteriaId": "7D8C0DB7-6178-4D70-B460-97A49F012560", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update182:*:*:*:*:*:*", "matchCriteriaId": "95C4D08B-88BF-4299-90B8-51F6B214C3B5", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update191:*:*:*:*:*:*", "matchCriteriaId": "659BB485-5518-45B0-8CB3-F52458643FD7", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update192:*:*:*:*:*:*", "matchCriteriaId": "97115EB3-5516-40D5-9BAA-FE7A3A2F55B4", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update20:*:*:*:*:*:*", "matchCriteriaId": "1F19BFEB-7202-4156-893E-576486FCCA63", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update201:*:*:*:*:*:*", "matchCriteriaId": "4E22CE3F-0A12-4781-8CF4-3212CF821CC3", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update202:*:*:*:*:*:*", "matchCriteriaId": "E48B134C-4673-48A9-A3B2-56FB51635AAA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update211:*:*:*:*:*:*", "matchCriteriaId": "0DBD2DA4-CA79-41DE-99A0-0B7B98EBFD9D", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update212:*:*:*:*:*:*", "matchCriteriaId": "99FCBFD3-0E67-48CF-A3CD-F71397AE26A6", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update221:*:*:*:*:*:*", "matchCriteriaId": "F876E775-7B83-4717-8581-1CBD7AE40C8C", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update231:*:*:*:*:*:*", "matchCriteriaId": "8836399B-AA1F-45DB-A423-B41A93A14281", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update241:*:*:*:*:*:*", "matchCriteriaId": "CEAD5DA3-6D7D-4127-8E58-E0ACA8A611D7", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*", "matchCriteriaId": "E87241E0-A296-4CAA-980A-FC572DAEB9F5", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update251:*:*:*:*:*:*", "matchCriteriaId": "FF39F7B1-6571-4BF6-A58F-4A6801636217", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update252:*:*:*:*:*:*", "matchCriteriaId": "67425F4C-2577-4F39-8007-97762C299C65", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update261:*:*:*:*:*:*", "matchCriteriaId": "AAC508A2-CF8A-4037-87C8-B87E19ABC644", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update271:*:*:*:*:*:*", "matchCriteriaId": "A1A9FD4A-D257-4D14-B242-27AD1AEF4E90", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update281:*:*:*:*:*:*", "matchCriteriaId": "3484EAC9-2F68-4952-8F0B-D1B83B5956CD", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update291:*:*:*:*:*:*", "matchCriteriaId": "791E436C-516A-423D-98A1-0F446C5027AB", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update301:*:*:*:*:*:*", "matchCriteriaId": "CE681FC3-48FE-4FC1-A28B-45CFF796BADA", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update31:*:*:*:*:*:*", "matchCriteriaId": "17FDA6F9-854D-44A8-9B73-76143955CA9B", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update311:*:*:*:*:*:*", "matchCriteriaId": "3C9591ED-CA9E-4844-9B7F-D477D7A51413", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update321:*:*:*:*:*:*", "matchCriteriaId": "6765029F-98C1-44A2-A7F7-152DCA8C9C95", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update331:*:*:*:*:*:*", "matchCriteriaId": "44991EC9-10E6-4FD7-B9D0-2523CB82F95A", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update333:*:*:*:*:*:*", "matchCriteriaId": "EB2A5440-7FA7-4A86-AA19-E2ABBD809B19", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update341:*:*:*:*:*:*", "matchCriteriaId": "EC1EEFCE-432E-40EE-B547-A193896C4CA4", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update345:*:*:enterprise_performance_pack:*:*:*", "matchCriteriaId": "FB70CB5F-AABC-4CF2-B17E-D9C8D1E22F1F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update40:*:*:*:*:*:*", "matchCriteriaId": "8348D050-22EF-49AC-960A-ADBA1441FFC0", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update45:*:*:*:*:*:*", "matchCriteriaId": "914D54AC-EAAE-4A01-BA88-7F245BDA47C5", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*", "matchCriteriaId": "242A511F-2297-41CD-8C85-D7ADF8F7A520", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update6:*:*:*:*:*:*", "matchCriteriaId": "49A6100C-86B5-4180-8807-06FB211443AD", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update65:*:*:*:*:*:*", "matchCriteriaId": "05726B2D-17F9-4192-A570-979BA8F6676E", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*", "matchCriteriaId": "D6C77242-C6FB-4BED-BA51-E9477D64E311", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update71:*:*:*:*:*:*", "matchCriteriaId": "3D7BC21E-FD48-4394-972B-A3FE084E375E", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update72:*:*:*:*:*:*", "matchCriteriaId": "93A8C261-0440-432B-A650-E87C6DC42D74", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update73:*:*:*:*:*:*", "matchCriteriaId": "98B69D8A-14A9-4322-967A-9CACC2EBB05E", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update74:*:*:*:*:*:*", "matchCriteriaId": "0B1C656A-7501-4417-9959-F21FFD85B512", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update77:*:*:*:*:*:*", "matchCriteriaId": "C6CAC2AE-7FB0-40F4-9A45-533943A35772", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*", "matchCriteriaId": "429DC535-FA00-4309-AD75-E79F238A4B29", "vulnerable": false}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*", "matchCriteriaId": "95C17CAA-0971-44CB-8A04-F135ACBEFBF3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. Note: The patch for this issue will address the vulnerability only if the WLS instance is using JDK 1.7.0_191 or later, or JDK 1.8.0_181 or later. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."}, {"lang": "es", "value": "Vulnerabilidad en el producto Oracle WebLogic Server de Oracle Fusion Middleware (componente: Core). Las versiones compatibles que se ven afectadas son 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 y 12.2.1.4.0. La vulnerabilidad f\u00e1cilmente explotable permite que un atacante no autenticado con acceso a la red a trav\u00e9s de IIOP, T3 comprometa el servidor Oracle WebLogic. Los ataques de esta vulnerabilidad pueden resultar en la adquisici\u00f3n de Oracle WebLogic Server. Nota: El parche para este problema abordar\u00e1 la vulnerabilidad s\u00f3lo si la instancia WLS est\u00e1 usando JDK 1.7.0_191 o posterior, o JDK 1.8.0_181 o posterior. CVSS 3.0 Puntuaci\u00f3n Base 9.8 (Impactos de confidencialidad, integridad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)"}], "id": "CVE-2020-2801", "lastModified": "2023-02-09T15:49:49.903", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "secalert_us@oracle.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-04-15T14:15:28.123", "references": [{"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}