Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Remediation
References
Related Vulnerabilities
WordPress Plugin Wordpress Uninstall Cross-Site Request Forgery (1.2.1)
WordPress Plugin Ultimate GDPR & CCPA Compliance Toolkit for WordPress Security Bypass (2.4)
Apache Traffic Server Integer Overflow or Wraparound Vulnerability (CVE-2018-9481)
Oracle Database Server CVE-2008-0344 Vulnerability (CVE-2008-0344)
WordPress Plugin GDPR CCPA Compliance Support PHP Object Injection (2.3)