Description
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Remediation
References
Related Vulnerabilities
Jboss EAP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2026-4366)
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2020-1968)
WordPress Plugin Insert Pages Multiple Vulnerabilities (3.6.1)
Vanilla Forums Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2017-1000432)
WordPress Plugin FV Flowplayer Video Player Cross-Site Request Forgery (7.5.30.7210)