Oracle WebLogic Server Core Component Unauthorized Remote Takeover Vulnerability

Vulnerability

A vulnerability exists in Oracle WebLogic Server within the Oracle Fusion Middleware suite, specifically in the Core component. This issue affects version 12.2.1.4.0 and 14.1.1.0.0. The vulnerability allows an unauthenticated attacker with network access via T3 or IIOP to compromise the WebLogic Server. Exploitation of this vulnerability can lead to a complete takeover of the server.

Impact

Exploitation of this vulnerability can result in a full takeover of the affected Oracle WebLogic Server.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

7.5

exploitability

7.6

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

7.5

exploitability

7.6

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle WebLogic Server Core Component Unauthorized Remote Takeover Vulnerability

Vulnerability

Impact

Affected Products

Oracle WebLogic Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating