E20-9voi1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
1
Year:
2020
Description
This strike exploits a remote code execution vulnerability in Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). The vulnerability is due to improper sanitization of user-supplied data sent via HTTP. A remote, unauthenticated attacker could exploit this by sending a maliciously crafted request to the server. A successful attack may result in arbitrary command execution in the context of the server process.