Oracle has released an emergency patch for a Weblogic remote code execution (RCE) vulnerability CVE-2020-14750.
The new out-of-band Oracle security update is related to CVE-2020-14882, that was addressed in the October 2020 Critical Patch Update.
“It is remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password,” Oracle stated in the security alert.
In addition, the Critical vulnerability has a CVSS score of 9.8.
Oracle recommends that customers apply the security patch for CVE-2020-14750 to the Oracle Database components of Oracle Fusion Middleware products.