Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Remote HTTP exploitation with no auth or user interaction (AV:N/AC:L/PR:N/UI:N); scope change to adjacent Fusion Middleware products, full data disclosure (C:H), limited write (I:L), no availability impact.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). The supported version that is affected is 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. While the vulnerability is in Oracle Coherence, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Coherence accessible data as well as unauthorized update, insert or delete access to some of Oracle Coherence accessible data. CVSS 3.1 Base Score 9.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N).
AnalysisAI
Unauthenticated remote compromise of Oracle Coherence 15.1.1.0.0 (Oracle Fusion Middleware, Centralized Third Party Jars component) allows network-based attackers to read all Coherence-accessible data and perform limited data modification over HTTP, with a scope change that can impact additional products in the same deployment. Oracle rates the issue CVSS 9.3 and describes it as easily exploitable; no public exploit identified at time of analysis and it is not currently on the CISA KEV list.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Required: network HTTP reachability to an Oracle Coherence 15.1.1.0.0 instance with the Centralized Third Party Jars component in use - typically a Coherence cluster member or a Fusion Middleware host exposing a Coherence HTTP/management interface; no credentials, no user interaction, and no special non-default tunables are required per the CVSS vector (AV:N/AC:L/PR:N/UI:N) and Oracle's 'easily exploitable' wording. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | All available signals point to a high-priority issue: CVSS 3.1 base score 9.3 with AV:N/AC:L/PR:N/UI:N indicates remote, unauthenticated, low-complexity exploitation, and the S:C scope flag plus Oracle's own statement that 'attacks may significantly impact additional products' means a successful exploit can pivot trust to other Fusion Middleware components sharing the Coherence tier. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with network reachability to a Fusion Middleware host running Coherence 15.1.1.0.0 sends crafted HTTP requests to an exposed Coherence endpoint, bypassing authentication and reading cached data - for example user sessions, configuration objects, or business data held in the grid for an adjacent WebLogic application. Because of the scope change, the disclosed data and limited write capability can then be used to influence the behavior of other Fusion Middleware products that trust the Coherence tier, such as forging or modifying session-cached state. … |
| Remediation | Apply the Oracle Critical Patch Update referenced in https://www.oracle.com/security-alerts/cspujun2026.html for Oracle Coherence 15.1.1.0.0 as soon as possible; this is the vendor-released patch and Oracle classifies the issue as easily exploitable, so it should be prioritized in the next emergency change window. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: identify all systems running Oracle Coherence 15.1.1.0.0, restrict HTTP network access to administrative IPs via firewall rules, enable comprehensive HTTP request logging. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Coherence
View allRemote takeover of Oracle Coherence (Fusion Middleware) via the Centralized Third Party Jars component allows an unauthe
Remote takeover of Oracle Coherence is possible via HTTP by an unauthenticated network attacker, affecting Oracle Fusion
Remote takeover of Oracle Coherence (Fusion Middleware component) is possible by unauthenticated network attackers reach
Remote takeover of Oracle Coherence is possible by unauthenticated attackers with HTTP network access to affected Fusion
Remote unauthenticated takeover of Oracle Coherence (Oracle Fusion Middleware) is possible over HTTPS, affecting support
Unauthenticated remote compromise of Oracle Coherence 15.1.1.0.0 (Oracle Fusion Middleware) via HTTP allows attackers to
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37432