{"id":10620,"date":"2020-05-19T09:50:32","date_gmt":"2020-05-19T09:50:32","guid":{"rendered":"https:\/\/nsfocusglobal.com\/?p=10620"},"modified":"2026-04-17T18:07:49","modified_gmt":"2026-04-17T18:07:49","slug":"weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/","title":{"rendered":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution"},"content":{"rendered":"<!DOCTYPE html PUBLIC \"-\/\/W3C\/\/DTD HTML 4.0 Transitional\/\/EN\" \"http:\/\/www.w3.org\/TR\/REC-html40\/loose.dtd\">\n<html><body><h2 class=\"wp-block-heading\"><strong>Overview<\/strong><\/h2>\n\n\n\n<p>Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical ones (CVE-2020-2883 and CVE-2020-2884) with a CVSS score of 9.8 that allow unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation could result in takeover of Oracle WebLogic Server, hence remote code execution.<\/p>\n\n\n\n<p>The two vulnerabilities that exist in the Core component of WebLogic Server could be exploited without authentication or additional interaction. Since the T3 protocol is enabled by default on the WebLogic console, the two vulnerabilities can cause an extensive impact. Affected users are strongly advised to apply protection measures as soon as possible for risk aversion.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>Researchers from NSFOCUS has reproduced the preceding vulnerabilities immediately upon their discovery.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img fetchpriority=\"high\" decoding=\"async\" width=\"394\" height=\"472\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/06\/0519-1.png\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-10621\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/06\/0519-1.png 394w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/06\/0519-1-250x300.png 250w\" sizes=\"(max-width: 394px) 100vw, 394px\" \/><\/figure>\n\n\n\n<p>For details about the Oracle CPU, please visit the following link:<\/p>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttps:\/\/www.oracle.com\/security-alerts\/cpuapr2020.html\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Affected Versions<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li>Oracle WebLogic Server 10.3.6.0.0<\/li><li>Oracle WebLogic Server 12.1.3.0.0<\/li><li>Oracle WebLogic Server 12.2.1.3.0<\/li><li>Oracle WebLogic Server 12.2.1.4.0<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Check for the Vulnerabilities<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Local Check<\/strong><\/li><\/ul>\n\n\n\n<p>Run the following commands to view the WebLogic version and installed patches:<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>$ cd \/Oracle\/Middleware\/wlserver_10.3\/server\/lib $ java -cp weblogic.jar weblogic.version<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p>The command output below shows that WebLogic has no patch installed and thus is at risk.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" width=\"567\" height=\"127\" src=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/06\/0519-2.png\" alt=\"Red circular no entry sign with a white horizontal bar.\" class=\"wp-image-10622\" srcset=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/06\/0519-2.png 567w, https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/06\/0519-2-300x67.png 300w\" sizes=\"(max-width: 567px) 100vw, 567px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Technical Solutions<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Official Fix<\/strong><\/li><\/ul>\n\n\n\n<p>Oracle has released patches to fix the vulnerabilities in question. Affected users should visit the official security bulletin link to download related patches as soon as possible and apply them as indicated in the readme file to ensure long-term effective protection.<\/p>\n\n\n\n<p>Note: Official patches of Oracle can be downloaded only by those with a licensed account of the software. Such users can use that account to log in to <a href=\"https:\/\/support.oracle.com\/\"><strong>https:\/\/support.oracle.com<\/strong><\/a> to obtain the latest patches.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Workaround<\/strong><\/li><\/ul>\n\n\n\n<p>You can temporarily block attacks based on these vulnerabilities by restricting network access via T3. The procedure is as follows:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>Access the administration console of WebLogic Server. Click <strong>base_domain<\/strong> in the left pane and then click the <strong>Security<\/strong> and <strong>Filter<\/strong> tabs successively to open the filter configuration page.<\/li><li>Type <strong>security.net.ConnectionFilterImpl <\/strong>in the <strong>Connection Filter<\/strong> field and configure connection filter rules as required in the <strong>Connection Filter Rules<\/strong> field. Rule formats are as follows:<\/li><\/ol>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>127.0.0.1 * * allow t3 t3s Local IP * * allow t3 t3s Allowed IP * * allow t3 t3s * * * deny t3 t3s<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<ol class=\"wp-block-list\" start=\"3\"><li>Click <strong>Save<\/strong> to make the rules take effect. If rules do not take effect, you are advised to restart the WebLogic service. It should be noted that restarting the WebLogic service will cause service interruption for a short while, and therefore you need to ask related personnel to evaluate the service impact before this operation.<\/li><\/ol>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>NSFOCUS&#8217;s Recommendations<\/strong><\/li><\/ul>\n\n\n\n<p><strong>Using NSFOCUS&#8217;s Detection Product or Service to Detect the Vulnerabilities<\/strong><\/p>\n\n\n\n<p>For internal assets, you can use NSFOCUS Remote Security Assessment System (RSAS V6), Web Vulnerability Scanning System (WVSS), Network Intrusion Detection System (NIDS), or Unified Threat Sensor (UTS) to check for the vulnerabilities:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>RSAS V6:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/listRsas\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>WVSS:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/listWvss\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>NIDS:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/listIds\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>UTS:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/bsaUtsIndex\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Upgrade Package\/Rule Base Versions of Detection and Protection Products<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>Detection Product<\/strong><\/td><td><strong>Upgrade Package\/Rule Base Version<\/strong><\/td><\/tr><tr><td><strong>RSAS V6&#8217;s <\/strong><strong>S<\/strong><strong>ystem Plug-in<\/strong><\/td><td>6.0R02F01.1804<\/td><\/tr><tr><td><strong>RSAS V6&#8217;s Web Plug-in<\/strong><\/td><td>6.0R02F00.1702<\/td><\/tr><tr><td><strong>WVSS V6&#8217;s Plug-in<\/strong><\/td><td>6.0R03F00.159<\/td><\/tr><tr><td><strong>NIDS<\/strong><\/td><td>5.6.10.22420, 5.6.9.22420<\/td><\/tr><tr><td><strong>UTS<\/strong><\/td><td>5.6.10.22154<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>RSAS V6&#8217;s system plug-in package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104435\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>RSAS V6&#8217;s web plug-in package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104252\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>WVSS V6&#8217;s plug-in package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104262\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>NIDS upgrade package download links:<\/li><\/ul>\n\n\n\n<p>5.6.10.22420<\/p>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104039\n<\/div><\/figure>\n\n\n\n<p>5.6.9.22420<\/p>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104038\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>UTS upgrade package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/103172\n<\/div><\/figure>\n\n\n\n<p><strong>Using NSFOCUS&#8217;s Protection Product or Service to Protect Against the Exploitation of the Vulnerabilities<\/strong><\/p>\n\n\n\n<p>You can use NSFOCUS Network Intrusion Protection System (NIPS) to protect against these vulnerabilities.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>NIPS:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/listIps\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>Upgrade Package\/Rule Base Versions of Protection Products<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td><strong>Protection Product<\/strong><\/td><td><strong>Upgrade Package\/Rule Base Version<\/strong><\/td><td><strong>Rule ID<\/strong><\/td><\/tr><tr><td><strong>NIPS<\/strong><\/td><td>5.6.10.22420 5.6.9.22420<\/td><td>23614<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>NIPS upgrade package download links:<\/li><\/ul>\n\n\n\n<p>5.6.10.22420<\/p>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104039\n<\/div><\/figure>\n\n\n\n<p>5.6.9.22420<\/p>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/104038\n<\/div><\/figure>\n\n\n\n<p><strong>Upgrading NSFOCUS&#8217;s Security Platforms<\/strong><\/p>\n\n\n\n<figure class=\"wp-block-table is-style-stripes\"><table><tbody><tr><td><strong>Platform<\/strong><\/td><td><strong>Upgrade Package\/Rule Base Version<\/strong><\/td><\/tr><tr><td><strong>NSFOCUS Enterprise Security Platform Solution (ESP)<\/strong> <strong>NSFOCUS Enterprise Security Platform (Host) (ESP-H) F06<\/strong><\/td><td>ESP-EVENTRULE-004-20200221<\/td><\/tr><tr><td><strong>NSFOCUS E<\/strong><strong>SP-H F07<\/strong><\/td><td>ESP-EVENTRULE-003-20200221<\/td><\/tr><tr><td><strong>NSFOCUS I<\/strong><strong>ntelligent Security Operation Platform Solution (ISOP)<\/strong><\/td><td>1.0.0.0.210052<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>ESP and ESP-H F06 upgrade package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/102586\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>ESP-H F07 upgrade package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/102585\n<\/div><\/figure>\n\n\n\n<ul class=\"wp-block-list\"><li>ISOP upgrade package download link:<\/li><\/ul>\n\n\n\n<figure class=\"wp-block-embed\"><div class=\"wp-block-embed__wrapper\">\nhttp:\/\/update.nsfocus.com\/update\/downloads\/id\/103918\n<\/div><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Appendix: Product Use Guides<\/strong><\/h2>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Scanning Configuration on RSAS<\/strong><\/li><\/ul>\n\n\n\n<ol class=\"wp-block-list\"><li>On RSAS, under <strong>Services &gt; System Upgrade<\/strong>, click <strong>Choose File<\/strong> in the <strong>Manual Upgrade<\/strong> area and find the update file just downloaded.<\/li><li>Click <strong>Upgrade<\/strong>.<\/li><li>3. Wait for the installation to complete. Then create a custom scanning template to scan the system for this vulnerability.<\/li><\/ol>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Scanning Configuration on WVSS<\/strong><\/li><\/ul>\n\n\n\n<p>On WVSS, under <strong>Services &gt; System Upgrade<\/strong>, in the <strong>Manual Upgrade<\/strong> area, click <strong>Browse<\/strong> to find the update file just downloaded.<\/p>\n\n\n\n<p>Click <strong>Upgrade<\/strong>.<\/p>\n\n\n\n<p>Wait for the installation to complete. Then create a custom scanning template to scan the system for this vulnerability.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Detection Configuration on UTS<\/strong><\/li><\/ul>\n\n\n\n<p>On UTS, under <strong>System &gt; System Upgrade &gt; Offline Upgrade<\/strong>, browse to the update file just downloaded and click <strong>Upload<\/strong>.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Protection Configuration on NIPS<\/strong><\/li><\/ul>\n\n\n\n<p>On NIPS, under <strong>System &gt; System Update &gt; Offline Update<\/strong>, browse to the update file just downloaded and click <strong>Upload<\/strong>.<\/p>\n\n\n\n<p>After the update is installed, find the rule by ID 24298 in the default rule base and view rule details.<\/p>\n\n\n\n<p><strong>Note: After the update is installed, the engine automatically restarts to make it take effect, which does not disconnect any sessions, but may cause the loss of three to five packets during ping operations. Therefore, it is recommended that the update be installed at an appropriate time.<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Configuration on ISOP<\/strong><\/li><\/ul>\n\n\n\n<p>First, log in to the ISOP platform and click <strong>System Upgrade<\/strong>.<\/p>\n\n\n\n<p>Then, on the <strong>Unified Rule Base Upgrade<\/strong> page, select <strong>Attack Identification Rule Package<\/strong>, upload the latest rule upgrade package, and click <strong>Upgrade<\/strong>.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong>Configuration on ESP<\/strong><\/li><\/ul>\n\n\n\n<ol class=\"wp-block-list\"><li>Log in to the ESP or ESP-H platform.<\/li><li>Choose <strong>Security Analysis &gt; Event Rule<\/strong>.<\/li><li>Click <strong>Import Rule<\/strong>.<\/li><\/ol>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Statement<\/strong><\/h2>\n\n\n\n<p>This advisory is only used to describe a potential risk. NSFOCUS does not provide any commitment or promise on this advisory. NSFOCUS and the author will not bear any liability for any direct and\/or indirect consequences and losses caused by transmitting and\/or using this advisory. NSFOCUS reserves all the rights to modify and interpret this advisory. Please include this statement paragraph when reproducing or transferring this advisory. Do not modify this advisory, add\/delete any information to\/from it, or use this advisory for commercial purposes without permission from NSFOCUS.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>About NSFOCUS<\/strong><\/h2>\n\n\n\n<p>NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks. The company&#8217;s Intelligent Hybrid Security strategy utilizes both cloud and on-premises security platforms, built on a foundation of real-time global threat intelligence, to provide multi-layered, unified and dynamic protection against advanced cyber attacks.<\/p>\n\n\n\n<p>NSFOCUS works with Fortune Global 500 companies, including four of the world&#8217;s five largest financial institutions, organizations in insurance, retail, healthcare, critical infrastructure industries as well as government agencies. NSFOCUS has technology and channel partners in more than 60 countries, is a member of both the Microsoft Active Protections Program (MAPP), and the Cloud Security Alliance (CSA).<\/p>\n\n\n\n<p>A wholly owned subsidiary of NSFOCUS Technologies Group Co., Ltd., the company has operations in the Americas, Europe, the Middle East and Asia Pacific.<\/p>\n<\/body><\/html>\n","protected":false},"excerpt":{"rendered":"<p>Overview Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical ones (CVE-2020-2883 and CVE-2020-2884) with a CVSS score of 9.8 that allow unauthenticated attackers with network access via T3 to compromise vulnerable Oracle WebLogic Server. Successful exploitation could result in takeover of Oracle WebLogic [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":9943,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[5,6],"tags":[742],"class_list":["post-10620","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-ddos-mitigation","category-emergency-response","tag-weblogic"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Overview Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-19T09:50:32+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-04-17T18:07:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Overview Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution\",\"datePublished\":\"2020-05-19T09:50:32+00:00\",\"dateModified\":\"2026-04-17T18:07:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/\"},\"wordCount\":1289,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/weblogic-server.jpg\",\"keywords\":[\"WebLogic\"],\"articleSection\":[\"DDoS Mitigation\",\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/\",\"name\":\"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/weblogic-server.jpg\",\"datePublished\":\"2020-05-19T09:50:32+00:00\",\"dateModified\":\"2026-04-17T18:07:49+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/weblogic-server.jpg\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2020\\\/01\\\/weblogic-server.jpg\",\"width\":554,\"height\":291,\"caption\":\"Oracle WebLogic Server logo and text.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS","og_description":"Overview Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical","og_url":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/","og_site_name":"NSFOCUS","article_published_time":"2020-05-19T09:50:32+00:00","article_modified_time":"2026-04-17T18:07:49+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS","twitter_description":"Overview Oracle released Critical Patch Update (CPU) for April 2020 that fixes multiple vulnerabilities of different risk levels, including two critical","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg","twitter_misc":{"Escrito por":"admin","Est. tempo de leitura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution","datePublished":"2020-05-19T09:50:32+00:00","dateModified":"2026-04-17T18:07:49+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/"},"wordCount":1289,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg","keywords":["WebLogic"],"articleSection":["DDoS Mitigation","Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/","url":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/","name":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution - NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg","datePublished":"2020-05-19T09:50:32+00:00","dateModified":"2026-04-17T18:07:49+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2020\/01\/weblogic-server.jpg","width":554,"height":291,"caption":"Oracle WebLogic Server logo and text."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/weblogic-remote-code-execution-vulnerabilities-cve-2020-2883-and-cve-2020-2884-protection-solution\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"WebLogic Remote Code Execution Vulnerabilities (CVE-2020-2883 and CVE-2020-2884) Protection Solution"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/10620","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=10620"}],"version-history":[{"count":0,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/10620\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/9943"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=10620"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=10620"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=10620"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}