{"uuid": "b57feeb9-8af6-4053-bfa8-0de62bc82620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-2555", "type": "exploited", "source": "https://t.me/techpwnews/630", "content": "Details on the Oracle WebLogic Vulnerability Being Exploited in the Wild\n\nEarlier this year, I blogged about a deserialization vulnerability in the Oracle WebLogic Server. This was patched by Oracle and assigned CVE-2020-2555. However, researcher Quynh Le of VNPT ISC submitted a bug to the ZDI that showed how the patch could be bypassed. This bug, labeled CVE-2020-2883, is now being reported by Oracle as being used in active attacks. In this blog post, we will go through the details of this recently...\n\nContinue reading at Zero Day Initiative - Blog", "creation_timestamp": "2020-05-12T00:13:56.000000Z"}