Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HOracle Communications Diameter Signaling Router
APPOracle8.08.18.28.2.1Oracle Communications Network Integrity
APPOracle7.3.2 – 7.3.6Oracle Hyperion Infrastructure Technology
APPOracle11.1.2.411.2.5.0Oracle Identity Manager
APPOracle11.1.2.3.012.2.1.3.0Oracle Peoplesoft Enterprise Peopletools
APPOracle8.568.578.58Oracle Rapid Planning
APPOracle12.112.2Oracle Storagetek Tape Analytics Sw Tool
APPOracle2.3Oracle Tape Library Acsls
APPOracle8.5Oracle Weblogic Server
APPOracle10.3.6.0.012.1.3.0.012.2.1.3.0
Related vulnerabilities
Pominięcie uwierzytelnienia w Oracle PeopleSoft PeopleTools (RCE/Takeover)
Pominięcie uwierzytelnienia w Oracle Identity Manager REST WebServices
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) ...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supporte...