Oracle is releasing a patch to fix a bug for the second time after releasing the exploit code as a POC. Oracle released a rare out-of-cycle security update on Sunday to address an incomplete patch for a recently revealed vulnerability in Oracle Web Logic servers. The flaw is currently actively exploited in computer attacks.
The new patch (tracked as CVE-2020-14750) adds additional fixes to a first bug (tracked as CVE-2020-14882), initially fixed with Oracle's standard quarterly security updates, the security update of October 2020.
CVE-2020-14882 is a dangerous vulnerability that allows attackers to execute malicious code on an Oracle Web Logic server before server authentication is enabled. To exploit CVE-2020-14882, an attacker only needs to send a trapped HTTP GET request to the Web Logic server management console.
designkug.com © 2021 • About Us • DMCA Policy • Privacy Policy • Terms & Condition • Contact Us • Submit Apps