Oracle WebLogic Server Core Component Vulnerability Allowing Unauthenticated Data Manipulation

Vulnerability

A vulnerability exists in Oracle WebLogic Server within the Oracle Fusion Middleware suite, specifically in the Core component. The affected versions are 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0. This vulnerability allows an unauthenticated attacker with access to the infrastructure running Oracle WebLogic Server to compromise the server. Exploitation of this vulnerability could lead to unauthorized modifications, additions, or deletions of data accessible to Oracle WebLogic Server.

Impact

Exploitation of this vulnerability could result in unauthorized changes to data managed by Oracle WebLogic Server.

Added: Jul 15, 2025, 10:21 PM

Updated: Jul 15, 2025, 10:21 PM

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

5.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.4

impact

0.6

exploitability

5.4

remediation

0.0

relevance

0.3

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle WebLogic Server Core Component Vulnerability Allowing Unauthenticated Data Manipulation

Vulnerability

Impact

Affected Products

Oracle WebLogic Server

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating