Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-2555

Oracle | Multiple ProductsAdded 2021-11-03Remediation Deadline 2022-05-03

Oracle Multiple Products Remote Code Execution Vulnerability

Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail Assortment Planning, Oracle Commerce, Oracle Communications Diameter Signaling Router (DSR).

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-502

References