{"id":10030,"date":"2020-02-12T01:46:05","date_gmt":"2020-02-12T01:46:05","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=10030"},"modified":"2026-04-17T18:07:50","modified_gmt":"2026-04-17T18:07:50","slug":"weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/","title":{"rendered":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert"},"content":{"rendered":"<p><!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\"><br \/>\n<html><body><\/p>\n<ol>\n<li>\n<h2><strong>Overview<\/strong><\/h2>\n<\/li>\n<\/ol>\n<p>Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet Inter-ORB Protocol (IIOP) used by the WLA component in WebLogic.<!--more--><\/p>\n<p>This vulnerability exists in the core component of the WebLogic Server and can be triggered when the WebLogic Server is at default settings without administrative authentication and extra interaction, exerting an extensive impact.<\/p>\n<p>Via IIOP, an attacker could access the remote interface of the WebLogic Server to deliver malicious data, in a bid to gain server privileges and execute arbitrary code remotely without authorization. Oracle assigns a CVSS score of 9.8 to this vulnerability.<\/p>\n<p>The IIOP protocol is used to access remote objects as a Java interface. By default, it is enabled.<\/p>\n<p>For details about the Oracle CPU, please visit the following link:<\/p>\n<p><strong>https:\/\/www.oracle.com\/security-alerts\/cpujan2020.html<\/strong><\/p>\n<ol start=\"2\">\n<li>\n<h2><strong>Affected Versions<\/strong><\/h2>\n<\/li>\n<\/ol>\n<p><strong>The following versions are affected by the CVE-2020-2551 vulnerability:<\/strong><\/p>\n<ul>\n<li>Oracle Weblogic Server 10.3.6.0.0 (official patch to be released on January 31)<\/li>\n<li>Oracle Weblogic Server 12.1.3.0.0 (official patch to be released on January 31)<\/li>\n<li>Oracle Weblogic Server 12.2.1.3.0 (official patch is available)<\/li>\n<li>Oracle Weblogic Server 12.2.1.4.0 (official patch is available)<\/li>\n<\/ul>\n<ol start=\"3\">\n<li>\n<h2><strong>Check for the Vulnerability<\/strong><\/h2>\n<\/li>\n<\/ol>\n<h3><strong>3.1 Local Check<\/strong><\/h3>\n<p>You can use the following commands to check the WebLogic version and whether the patch is installed.<\/p>\n<table width=\"587\">\n<tbody>\n<tr>\n<td width=\"587\">$ cd \/Oracle\/Middleware\/wlserver_10.3\/server\/lib<\/p>\n<p>$ java -cp weblogic.jar weblogic.version<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p>If no patch installation information is shown in the execution result, your WebLogic sever is vulnerable.<\/p>\n<p><a href=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-1.jpg\"><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone size-full wp-image-10031\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-1.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" width=\"569\" height=\"129\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-1.jpg 569w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-1-300x68.jpg 300w\" sizes=\"(max-width: 569px) 100vw, 569px\" \/><\/a><\/p>\n<ol start=\"4\">\n<li>\n<h2><strong>Technical Solutions<\/strong><\/h2>\n<\/li>\n<\/ol>\n<h3><strong>4.1 Official Fix<\/strong><\/h3>\n<p>In the Oracle CPU for January 2020, Oracle released patches for WebLogic Server 12.2.1.3 and 12.2.1.4. Affected users are advised to download and apply the corresponding patch &Acirc;&nbsp;as soon as possible.<\/p>\n<p>Patches for WebLogic Server 10.3.6.0.0 and 12.1.3.0.0 will be released on January 31, 2020. Users are advised to check Oracle&#8217;s official security bulletins from time to time to get the related patch as soon as possible. Before patches are available, users should use the workaround described in section 4.2.<\/p>\n<p>Note: Official patches of Oracle can be downloaded only by those with a licensed account of the software. Such users can use that account to log in to <a href=\"https:\/\/support.oracle.com\/\"><strong>https:\/\/support.oracle.com<\/strong><\/a> to obtain the latest patch.<\/p>\n<h3><strong>4.2 Workaround<\/strong><\/h3>\n<p>The risk of this vulnerability can be mitigated by disabling the IIOP protocol. To disable the IIOP protocol, follow these steps:<\/p>\n<p>Access the administration console of WebLogic Server. Choose<strong> Service &gt; AdminServer &gt; Protocol<\/strong>, deselect <strong>Enable IIOP<\/strong>, and restart the WebLogic Server to make the setting take effect.<\/p>\n<ul>\n<li>NSFOCUS&#8217;s Recommendations<\/li>\n<\/ul>\n<p>4.3.1 Detection Services and Products from NSFOCUS<\/p>\n<p>You can use NSFOCUS RSAS V6, NIPS, and UTS to check for the vulnerability in internal assets:<\/p>\n<ul>\n<li>Remote Security Assessment System (RSAS V6) plug-ins:<\/li>\n<\/ul>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulsys\"><strong>http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulsys<\/strong><\/a><\/p>\n<ul>\n<li>NSFOCUS Intrusion Detection System (NIDS)<\/li>\n<\/ul>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listIds\"><strong>http:\/\/update.nsfocus.com\/update\/listIds<\/strong><\/a><\/p>\n<ul>\n<li>Unified Threat Sensor (UTS)<\/li>\n<\/ul>\n<p><strong>http:\/\/update.nsfocus.com\/update\/listBsaUtsDetail\/v\/rule2.0.0<\/strong><\/p>\n<p>You can download upgrade packages from the following links to upgrade these devices to the latest version for vulnerability detection.<\/p>\n<h3><strong>4.3.2 Protection Products from NSFOCUS<\/strong><\/h3>\n<ul>\n<li>NSFOCUS Network Intrusion Prevention System (NIPS)<\/li>\n<\/ul>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listIps\"><strong>http:\/\/update.nsfocus.com\/update\/listIps<\/strong><\/a><\/p>\n<p>You can download upgrade packages from the following links to upgrade these devices to the latest version for vulnerability protection.<\/p>\n<h3><strong>4.3.3 Upgrade Package\/Rule Base Versions of Detection and Protection Products<\/strong><\/h3>\n<table width=\"566\">\n<tbody>\n<tr>\n<td width=\"188\"><strong>Detection Product<\/strong><\/td>\n<td width=\"378\"><strong>Upgrade Package\/Rule Base Version<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"188\"><strong>RSAS V6 System Plug-in Package<\/strong><\/td>\n<td width=\"378\">V6.0R02F01.1704<\/td>\n<\/tr>\n<tr>\n<td width=\"188\"><strong>NIDS<\/strong><\/td>\n<td width=\"378\">V5.6.8.815, V5.6.9.21797, and V5.6.10.21797<\/td>\n<\/tr>\n<tr>\n<td width=\"188\"><strong>UTS<\/strong><\/td>\n<td width=\"378\">V5.6.10.21797<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<ul>\n<li>RSAS V6 system plug-in package:<\/li>\n<\/ul>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/downloads\/id\/101679\"><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101679<\/strong><\/a><\/p>\n<ul>\n<li>NIDS upgrade package:<\/li>\n<\/ul>\n<p>V5.6.8.815<\/p>\n<p><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101674<\/strong><\/p>\n<p>V5.6.9.21797<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/downloads\/id\/101703\"><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101703<\/strong><\/a><\/p>\n<p>V5.6.10.21797<\/p>\n<p><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101704<\/strong><\/p>\n<ul>\n<li>UTS upgrade package:<\/li>\n<\/ul>\n<p><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101731<\/strong><\/p>\n<p>&nbsp;<\/p>\n<table width=\"566\">\n<tbody>\n<tr>\n<td width=\"188\"><strong>Protection Product<\/strong><\/td>\n<td width=\"227\"><strong>Upgrade Package\/Rule Base Version<\/strong><\/td>\n<td width=\"151\"><strong>Rule ID<\/strong><\/td>\n<\/tr>\n<tr>\n<td width=\"188\"><strong>NIPS<\/strong><\/td>\n<td width=\"227\">V5.6.8.815, V5.6.9.21797, and V5.6.10.21797<\/td>\n<td width=\"151\">24671<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<ul>\n<li>NIPS upgrade package:<\/li>\n<\/ul>\n<p>V5.6.8.815<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/downloads\/id\/101674\"><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101674<\/strong><\/a><\/p>\n<p>V5.6.9.21797<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/downloads\/id\/101703\"><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101703<\/strong><\/a><\/p>\n<p>V5.6.10.21797<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/downloads\/id\/101704\"><strong>http:\/\/update.nsfocus.com\/update\/downloads\/id\/101704<\/strong><\/a><\/p>\n<ol start=\"5\">\n<li>\n<h2><strong>Technical Analysis<\/strong><\/h2>\n<\/li>\n<\/ol>\n<p>Currently, Oracle only provides patches for certain versions of the WebLogic server to fix the CVE-2020-2551 vulnerability. According to the Oracle bullitin, patches for other versions will not be published until January 31.<\/p>\n<p>Following is the brief description of this vulnerability:<\/p>\n<p>When the IIOP protocol is enabled (enabled by default) on WebLogic server which requires no administrator authentication and extra interaction, an attacker could exploit this vulnerability to take over the server and obtain sensitive information through remote code execution.<\/p>\n<p><a href=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-2.jpg\"><img decoding=\"async\" class=\"alignnone size-full wp-image-10032\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-2.jpg\" alt=\"Red circular no entry sign with a white horizontal bar.\" width=\"556\" height=\"295\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-2.jpg 556w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-2-300x159.jpg 300w\" sizes=\"(max-width: 556px) 100vw, 556px\" \/><\/a><\/p>\n<ol start=\"6\">\n<li>\n<h2><strong>Appendix A: Product Use Guides<\/strong><\/h2>\n<ul>\n<li><a name=\"_Toc12905\"><\/a><a name=\"_Toc24971\"><\/a> Emergency Response Guides Provided by TRG<\/li>\n<\/ul>\n<\/li>\n<\/ol>\n<h3><strong><a name=\"_Toc26360\"><\/a><a name=\"_Toc13722\"><\/a>6.1.1 NSFOCUS Threat Situation Awareness Platform (TSA)<\/strong><\/h3>\n<p>TSA &acirc;&euro;&ldquo; V2.0R00F02 (importing a rule upgrade package)<\/p>\n<p>(1) Access BSA and then select <strong>Rule Engine<\/strong>, as shown in the following figure.<\/p>\n<p>(2) Choose <strong>Upgrade<\/strong>.<\/p>\n<p>(3) Click <strong>Choose File<\/strong>, select <strong>tsa_rule.2.1.7.203307.dat<\/strong>, click <strong>Import<\/strong>, and then click <strong>OK<\/strong>.<\/p>\n<p>(4) Check the upgrade result in the upgrade record area.<\/p>\n<p><a name=\"_Toc11640\"><\/a><a name=\"_Toc2787\"><\/a>For any problems during the upgrade, please contact us at 400-818-6868.<\/p>\n<p>TSA &acirc;&euro;&ldquo; other versions (custom rules)<\/p>\n<p>(1) Access BSA and then select <strong>Rule Engine<\/strong>.<\/p>\n<p>(2) Click <strong>Create Rule<\/strong>.<\/p>\n<p>(3) Configure intrusion protection rules as follows:<\/p>\n<ul>\n<li>Mode: Expert<\/li>\n<li>Category: Network intrusion<\/li>\n<li>SQL:<\/li>\n<\/ul>\n<p>select sip, dip, sum(last_times) as atk_count, sip, dip, min(timestamp) as start_time, max(timestamp) as end_time, concat_agg(related_id_list) as related_id_list<\/p>\n<p>from internal_app_bsaips.ipslog<\/p>\n<p>where rule_id = 24671<\/p>\n<p>group by sip, dip<\/p>\n<p>(4) Click <strong>Next<\/strong> and then set parameters as follows on the <strong>Attribute Configuration<\/strong> page:<\/p>\n<ul>\n<li><strong>Name<\/strong>: WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability Attack<\/li>\n<li><strong>Risk Level<\/strong>: Medium<\/li>\n<li><strong>Phase<\/strong>: Exploitation<\/li>\n<li><strong>Timeout<\/strong>: 1800 (default)<\/li>\n<li><strong>Duration<\/strong>: 3600 (default)<\/li>\n<li><strong>Merged Attribute<\/strong>: sip, dip<\/li>\n<li><strong>Event Type<\/strong>: System intrusion &acirc;&euro;&ldquo; exploit<\/li>\n<li><strong>Description<\/strong>: This vulnerability could be exploited to bypass the latest security update issued by Oracle in October 2019. Via IIOP, an attacker could access the remote interface of the WebLogic Server to deliver malicious data, in a bid to gain server privileges and execute arbitrary code remotely without authorization.<\/li>\n<li><strong>Suggestion<\/strong>: Currently, Oracle&#8217;s this CPU contains patches only for WebLogic Server V12.2.1.4.0 and those for other versions will be released on January 31. Users are advised to check Oracle&#8217;s official security bulletins from time to time to get the related patch as soon as possible. &lt;0<\/li>\n<li>}}<strong>Mitigation<\/strong>: The risk of this vulnerability can be mitigated by disabling the IIOP protocol. To disable the IIOP protocol, follow these steps: Access the administration console of WebLogic Server. Choose <strong>Service &gt; AdminServer &gt; Protocol<\/strong>, deselect <strong>Enable IIOP<\/strong>, and restart WebLogic items to make the setting take effect.<\/li>\n<\/ul>\n<p>(5) Click <strong>Complete<\/strong> to complete configuration of the website security rule.<\/p>\n<p>(6) Enable the rule in the rule list.<\/p>\n<ul>\n<li><a name=\"_Toc7215\"><\/a><a name=\"_Toc22284\"><\/a>NSFOCUS Enterprise Security Platform (ESP)<\/li>\n<\/ul>\n<p>(1) Log in to ESP\/ESP-H.<\/p>\n<p>(2) Choose <strong>Security Analysis &gt; Event Rules<\/strong>.<\/p>\n<p>(3) Click <strong>Import Rule (*.dat)<\/strong>. For the ESP-H F07 series, import the rule package<strong> ESP-EVENTRULE-001-20200116.dat<\/strong>.For ESP or ESP-H F06 series, import the rule package <strong>ESP-EVENTRULE-002-20200116.dat<\/strong>.<\/p>\n<p><a name=\"_Toc30149\"><\/a><a name=\"_Toc5317\"><\/a>For any problems during the upgrade, please contact us at 400-818-6868.<\/p>\n<h3><strong>6.1.2 NSFOCUS Threat Analysis and Management Platform (TAM, New Version)<\/strong><\/h3>\n<p>Update the rule for protection against the WebLogic vulnerability exploit attempt. The procedure is as follows:<\/p>\n<p>(1) Access TAM.<\/p>\n<p>(2) Choose <strong>Scenario Management &gt; Scenario Configuration<\/strong> and click <strong>Upload<\/strong> in the upper-right corner of the page to upload <strong>tam_rule.2.0.7.202109.dat<\/strong>.<\/p>\n<p>If the upload succeeds, a message is displayed next to <strong>Upload<\/strong> to indicate the upload success.<\/p>\n<p><a name=\"_Toc21916\"><\/a><a name=\"_Toc13975\"><\/a>For other versions, you are advised to upgrade it to TAM V2.0R00F00SP07.<\/p>\n<h3><strong>6.1.3 NSFOCUS Intelligent Security Operation Platform (ISOP)<\/strong><\/h3>\n<p>(1) Log in to NSFOCUS ISOP and install the rule upgrade package to attack_rule.1.0.0.0.203289.<\/p>\n<p>(2) Click <strong>System Update<\/strong>.<\/p>\n<p>(2) Click <strong>Unified Rule Package Update<\/strong>, select the rule upgrade package <strong>attack_rule.1.0.0.0.203289<\/strong>, and click <strong>Update<\/strong> after the package is uploaded.<\/p>\n<p>Upgrade package download link:<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listisopdetail\/v\/V3.0R01F00NG\"><strong>http:\/\/update.nsfocus.com\/update\/listisopdetail\/v\/V3.0R01F00NG<\/strong><\/a><\/p>\n<ul>\n<li>Scanning Configuration on RSAS<\/li>\n<\/ul>\n<p>To use RSAS to scan for this vulnerability, users should download the latest plug-in version.<\/p>\n<p>For example, you can download the rule package for RSAS V6.0 from the following link:<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulsys\"><strong>http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulsys<\/strong><\/a><\/p>\n<p>On RSAS, choose <strong>Services &gt; System Upgrade<\/strong>, and click <strong>Select File<\/strong> in the <strong>Manual Upgrade<\/strong> area to select the update file just downloaded.<\/p>\n<p>Click <strong>Upgrade<\/strong>.<br \/>\nWait for the installation to complete. After the update, you can create a custom scanning template to scan the system for this vulnerability.<\/p>\n<ul>\n<li>Detection Configuration on UTS<\/li>\n<\/ul>\n<p>Download the latest rule update of UTS from the following link:<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listBsaUtsDetail\/v\/rule2.0.0\"><strong>http:\/\/update.nsfocus.com\/update\/listBsaUtsDetail\/v\/rule2.0.0<\/strong><\/a><\/p>\n<p>On UTS, choose <strong>System &gt; System Upgrade &gt; Offline Upgrade <\/strong>and browse to the update file just downloaded and click <strong>Upload<\/strong>.<\/p>\n<p>Wait for the installation to complete.<\/p>\n<ul>\n<li>Protection Configuration on NIPS<\/li>\n<\/ul>\n<p>NIPS users can address this vulnerability by updating the rule base. The procedure is as follows:<\/p>\n<p>You can download the latest rule base of NSFOCUS NIPS from our official website. Following is a link to the latest rule base for NSFOCUS NIPS V5.6.10:<\/p>\n<p><strong>http:\/\/update.nsfocus.com\/update\/listNewipsDetail\/v\/rule5.6.10<\/strong><\/p>\n<p>On the web-based manager of NSFOCUS NIPS, choose <strong>System &gt; System Update &gt; Offline Update<\/strong> and browse to the update file just downloaded and click <strong>Upload<\/strong>.<\/p>\n<p>After the update is installed, retrieve rule ID 24671 from the default rule base to view rule details.<\/p>\n<p><strong>Note: After the update is installed, the engine automatically restarts to make it take effect, which does not disconnect any sessions, but may cause the loss of three to five packets during ping operations. Therefore, it is recommended that the update be installed at an appropriate time.<\/strong><\/p>\n<h2><strong>Statement<\/strong><\/h2>\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n<h2><strong>About NSFOCUS<\/strong><\/h2>\n<p>NSFOCUS Information Technology Co., Ltd. (NSFOCUS) was founded in April 2000. Headquartered in Beijing, the company has more than 30 branches and subsidiaries at home and abroad, providing most competitive security products and solutions for government, carrier, financial, energy, Internet, education, and healthcare sectors to ensure customers&#8217; business continuity.<\/p>\n<p>Based on years of research in security assurance, NSFOCUS has set foot in network and terminal security, Internet infrastructure security, and compliance and security management. The company provides the intrusion detection\/prevention system, anti-DDoS system, remote security assessment system, and web security protection products as well as professional security services for customers.<\/p>\n<p>NSFOCUS Information Technology Co., Ltd. started trading its shares at China&#8217;s Nasdaq-style market, ChiNext, in Shenzhen on January 29, 2014, with the name of NSFOCUS and code of 300369.<\/body><\/html><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet Inter-ORB Protocol (IIOP) used by the WLA component in WebLogic.<\/p>\n","protected":false},"author":1,"featured_media":10033,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[6],"tags":[744],"class_list":["post-10030","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-emergency-response","tag-weblogic-wls"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Overview Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2020-02-12T01:46:05+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Overview Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert\",\"datePublished\":\"2020-02-12T01:46:05+00:00\",\"dateModified\":\"2026-04-17T18:07:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/\"},\"wordCount\":1793,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/02\\\/0212-3.jpg\",\"keywords\":[\"WebLogic WLS\"],\"articleSection\":[\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/\",\"name\":\"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/02\\\/0212-3.jpg\",\"datePublished\":\"2020-02-12T01:46:05+00:00\",\"dateModified\":\"2026-04-17T18:07:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/02\\\/0212-3.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/02\\\/0212-3.jpg\",\"width\":416,\"height\":233,\"caption\":\"oracle\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS","og_description":"Overview Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet","og_url":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/","og_site_name":"NSFOCUS","article_published_time":"2020-02-12T01:46:05+00:00","article_modified_time":"2026-04-17T18:07:50+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS","twitter_description":"Overview Oracle released Critical Patch Update (CPU) for January 2020, announcing a remote code execution vulnerability (CVE-2020-2551) in the Internet","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg","twitter_misc":{"Escrito por":"admin","Est. tempo de leitura":"9 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert","datePublished":"2020-02-12T01:46:05+00:00","dateModified":"2026-04-17T18:07:50+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/"},"wordCount":1793,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg","keywords":["WebLogic WLS"],"articleSection":["Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/","url":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/","name":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg","datePublished":"2020-02-12T01:46:05+00:00","dateModified":"2026-04-17T18:07:50+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/02\/0212-3.jpg","width":416,"height":233,"caption":"oracle"},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/weblogic-wls-component-iiop-protocol-remote-code-execution-vulnerability-cve-2020-2551-threat-alert\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"WebLogic WLS Component IIOP Protocol Remote Code Execution Vulnerability (CVE-2020-2551) Threat Alert"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/10030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=10030"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/10030\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/10033"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=10030"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=10030"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=10030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}