Oracle WebLogic Server Core Component Unauthenticated Data Access Vulnerability

Vulnerability

An unauthenticated vulnerability allowing network-based attackers to access critical data on Oracle WebLogic Server has been identified. This issue affects versions 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0. The vulnerability is easily exploitable and arises from network access via T3 or IIOP, potentially leading to unauthorized access to sensitive information or complete access to all data available through Oracle WebLogic Server.

Impact

Exploitation of this vulnerability could result in unauthorized access to critical data or complete access to all data accessible through Oracle WebLogic Server.

Added: Jul 15, 2025, 11:00 PM

Updated: Jul 15, 2025, 11:00 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

2.5

exploitability

7.6

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

2.5

exploitability

7.6

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle WebLogic Server Core Component Unauthenticated Data Access Vulnerability

Vulnerability

Impact

Affected Products

Oracle WebLogic Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating