CVE-2020-14882: Oracle WebLogic Remote Code Execution Vulnerability Exploited in the Wild
by Rody Quinlan on October 29, 2020
A remote code execution vulnerability in Oracle WebLogic Server has been actively exploited in the wild just one week after a patch was released and one day after a proof of concept was published.
Update October 30, 2020: The solutions section has been updated to reflect the disclosure of a potential bypass of the patch for CVE-2020-14882.
Update November 2, 2020: The solutions section has been updated to reflect the release of a patch to address the potential bypass of the patch for CVE-2020-14482.