Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOracle Agile Plm
APPOracle9.3.39.3.49.3.5Oracle Communications Converged Application Server
APPOracle5.17.07.1Oracle Peoplesoft Enterprise Peopletools
APPOracle8.568.578.58Oracle Storagetek Tape Analytics Sw Tool
APPOracle2.3Oracle Tape Library Acsls
APPOracle8.5Oracle Tape Virtual Storage Manager Gui
APPOracle6.2Oracle Vm Virtualbox
APPOracle5.2.366.1.0 – 6.1.2 (bez)< 5.2.366.0.0 – 6.0.16 (bez)Oracle Weblogic Server
APPOracle10.3.6.0.012.1.3.0.0
CISA KEV — szczegółyi
- Dostawcai
- Oracle ↗
- Produkti
- WebLogic Server
- Data dodania do KEVi
- 10 stycznia 2022
- Termin remediation (USA)i
- 10 lipca 2022(po terminie)
- Ransomwarei
- Aktywne kampanie ransomware używają tej podatności
Zastosuj aktualizacje zgodnie z instrukcjami producenta.
▸ Pokaż oryginał (EN)
Apply updates per vendor instructions.
Luka podatności na injection w komponencie Oracle WebLogic Server oprogramowania Oracle Fusion Middleware (podkomponent: Web Services).
▸ Pokaż oryginał (EN)
Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
Powiązane podatności
Pominięcie uwierzytelnienia w Oracle PeopleSoft PeopleTools (RCE/Takeover)
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported v...