COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2020-2551

CVE-2020-2551

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-11-16
Reference
https://nvd.nist.gov/vuln/detail/CVE-2020-2551
⌖ exploited in the wild shame 50/100 exploited-in-wild

Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.

Players implicated

Oracle · vendorFusion Middleware · product

Description

Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server.

Affected FedRAMP products 10 in the catalog

ProductProviderStatusMatch
Aconex for Defense Oracle Authorized vendor-exact · 0.90
Federal Managed Cloud Services Oracle Authorized vendor-exact · 0.90
Fusion Cloud Oracle Authorized vendor-exact · 0.90
Government Cloud - Common Controls Oracle Authorized vendor-exact · 0.90
Oracle Cloud Infrastructure-Government Cloud Oracle Authorized vendor-exact · 0.90
Oracle Enterprise Performance Management (EPM) Oracle Authorized vendor-exact · 0.90
Oracle Enterprise Performance Management (EPM) - Moderate Oracle In Process vendor-exact · 0.90
Oracle Service Cloud Oracle Authorized vendor-exact · 0.90
Oracle Service Cloud (DOD) Oracle Authorized vendor-exact · 0.90
Taleo Cloud - U.S. Government Cloud Oracle Authorized vendor-exact · 0.90