2020-10-22
Ðû²¼Ê±¼ä 2020-10-22ÐÂÔöÊÂÎñ
ÊÂÎñÃû³Æ£º | TCP_Oracle_WebLogic_·´ÐòÁл¯Îó²î[CVE-2020-14825] |
Çå¾²ÀàÐÍ£º | Çå¾²Îó²î |
ÊÂÎñÐÎò£º | ¼ì²âµ½Ô´IPʹÓÃweblogic·´ÐòÁл¯Îó²î¾ÙÐй¥»÷µÄÐÐΪ£¬Oracle CoherenceΪOracleÈÚºÏÖÐÐļþÖеIJúÆ·£¬ÔÚWebLogic 12c¼°ÒÔÉÏ°æ±¾ÖÐĬÈϼ¯³Éµ½WebLogic×°ÖðüÖУ¬¹¥»÷Õßͨ¹ýt3ÐÒé·¢ËͽṹµÄÐòÁл¯Êý¾Ý£¬ÄܹýÔì³ÉÏÂÁîÖ´ÐеÄЧ¹û¡£ |
¸üÐÂʱ¼ä£º | 20201022 |
ÊÂÎñÃû³Æ£º | TCP_WebLogic_Blind_XXE×¢ÈëÎó²î[CVE-2020-14820][CNNVD-202010-994] |
Çå¾²ÀàÐÍ£º | ×¢Èë¹¥»÷ |
ÊÂÎñÐÎò£º | ¼ì²âµ½Ô´IPÖ÷»úÕýÔÚʹÓÃWebLogic Blind XXE×¢ÈëÎó²î¶ÔÄ¿µÄÖ÷»ú¾ÙÐй¥»÷µÄÐÐΪ¡£Í¨¹ý¸ÃÎó²î£¬¹¥»÷Õß¿ÉÒÔÔÚδÊÚȨµÄÇéÐÎϽ«payload·â×°ÔÚT3»òIIOPÐÒéÖУ¬Í¨¹ý¶ÔÐÒéÖеÄpayload¾ÙÐз´ÐòÁл¯£¬´Ó¶øʵÏÖ¶Ô±£´æÎó²îµÄWebLogic×é¼þ¾ÙÐÐÔ¶³ÌBlind XXE¹¥»÷¡£ |
¸üÐÂʱ¼ä£º | 20201022 |