Exploit for #VU13906 Privilege escalation in Oracle WebLogic Server

Exploit for #VU13906 Privilege escalation in Oracle WebLogic Server

Published: 2020-04-07

Vulnerability identifier: #VU13906

Vulnerability risk: Low

CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2018-2894

CWE-ID: CWE-264

Exploitation vector: Network

Exploits in database: 1

April 7, 2020
- exphub (Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本，最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-2019-17558、CVE-2019-6340) [Github]

Impact: Code execution

Vulnerable software:
Oracle WebLogic Server
Server applications / Application servers

Vendor: Oracle