Oracle WebCenter Content CVE-2026-35270

EUVD-2026-37401 · CRITICAL
Improper Access Control (CWE-284)
2026-06-16 · oracle
CVSS 3.1: 9.1 · Vendor: oracle
Severity by source

Vendor (oracle), PRIMARY: 9.1 CRITICAL
AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

vuln.today AI: 9.1 CRITICAL
Rationale: HTTP-reachable Content Server (AV:N, AC:L); requires an admin-level Content Server account (PR:H); no user interaction (UI:N); takeover plus impact on adjacent products gives S:C and C/I/A:H.
CVSS 3.1: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVSS 4.0: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Primary rating from Vendor (oracle).

CVSS Vector (Vendor: oracle)

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

1. Analysis Generated: Jun 16, 2026 - 21:20 (vuln.today)

Description (CVE.org)

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebCenter Content. While the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Content. CVSS 3.1 Base Score 9.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Analysis (AI)

Privileged takeover of Oracle WebCenter Content (Content Server component) affects supported versions 12.2.1.4.0 and 14.1.2.0.0, enabling a high-privileged attacker with HTTP network access to fully compromise the instance and pivot to additional Fusion Middleware products via a scope change. The CVSS 3.1 base score is 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H), reflecting low attack complexity and full CIA impact. …

Attack Chain (AI, derived)

Hypothetical attack flow derived from CVE metadata

Access: Obtain WebCenter Content admin credential
Delivery: Reach Content Server over HTTP
Exploit: Invoke vulnerable privileged function
Execution: Take over Content Server
Persist: Cross scope into adjacent Fusion Middleware product
Impact: Exfiltrate or tamper with enterprise content

Vulnerability Assessment (AI)

Exploitation: Attacker must (1) hold a high-privileged Oracle WebCenter Content account (PR:H - administrator-equivalent role on the Content Server), (2) have HTTP/HTTPS network reachability to the Content Server instance, and (3) be targeting a supported version 12.2.1.4.0 or 14.1.2.0.0 prior to the June 2026 CPU. …

Risk Assessment: The CVSS 3.1 vector AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H yields 9.1 because the scope change and full CIA impact outweigh the PR:H requirement - meaning a legitimate high-privileged Content Server account (an administrator or equivalent role) can compromise both WebCenter Content and adjacent products. …

Exploit Scenario: An attacker who has obtained a WebCenter Content administrator credential - through phishing, password reuse, or chaining from a separate Fusion Middleware vulnerability - authenticates to the Content Server over HTTP from anywhere on the network and invokes the vulnerable privileged function to take full control of WebCenter Content. Because the issue is scope-changing, the same action also lets them reach and tamper with adjacent products such as the underlying WebLogic domain or integrated repositories. …

Remediation: Patch available per vendor advisory: apply the fixes for Oracle WebCenter Content shipped in the June 2026 Oracle Critical Patch Update (https://www.oracle.com/security-alerts/cspujun2026.html) to both the 12.2.1.4.0 and 14.1.2.0.0 branches, following Oracle's standard CPU prerequisites and the WebCenter Content patch readme. …

Recommended Action (AI)

24 hours: Identify all Oracle WebCenter Content deployments running 12.2.1.4.0 or 14.1.2.0.0; restrict administrative access and review recent high-privilege account activity for compromise indicators. …
