CVE-2020-2883
Oracle WebLogic Server Unspecified Vulnerability
CVSS
—
No CVSS
EPSS
94.9%
p100
KEV
YES
Jan 7, 2025
Exploit Today
80
0-100
Published: — · Last modified: —
94.9%EPSS · 30 days94.9%
2026-06-302026-07-16
Product
Oracle / WebLogic Server
Vulnerability
Oracle WebLogic Server Unspecified Vulnerability
Added to KEV
Jan 7, 2025
Remediate by
Jan 28, 2025
Known ransomware use
No
Summary description
Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP or T3.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://www.oracle.com/security-alerts/cpuapr2020.html ; https://nvd.nist.gov/vuln/detail/CVE-2020-2883
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2020-14882—100.0%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2017-10271—100.0%
KEV—80Oracle Corporation WebLogic Server Remote Code Execution Vulnerability—CVE-2019-2725—100.0%
KEV—80Oracle WebLogic Server, Injection—CVE-2023-21839—100.0%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—CVE-2020-14750—99.9%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2018-2628—99.9%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—