← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-2555 — Actively Exploited: Multiple Products (Oracle)

Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commer

CVE IDCVE-2020-2555
VendorOracle
ProductMultiple Products
Vulnerability nameOracle Multiple Products Remote Code Execution Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionMultiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →