Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Oracle describes easy unauthenticated HTTP exploitation yielding full takeover with impact on adjacent products, justifying AV:N, AC:L, PR:N, UI:N, S:C and C/I/A:H.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. While the vulnerability is in Oracle Coherence, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
AnalysisAI
Remote takeover of Oracle Coherence (Fusion Middleware) via the Centralized Third Party Jars component allows an unauthenticated network attacker over HTTP to fully compromise affected deployments, with scope change permitting impact on additional connected products. Supported versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0 carry a maximum CVSS 3.1 base score of 10.0 across confidentiality, integrity, and availability. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Attacker needs network reachability to an HTTP endpoint served by, or fronting, the Oracle Coherence 'Centralized Third Party Jars' component on a vulnerable build (12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, or 15.1.1.0.0); no authentication, no user interaction, and no special configuration toggle are called out by Oracle as prerequisites. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | All available signals point to top-tier risk: CVSS 3.1 base score is the maximum 10.0 with AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H, meaning remote, unauthenticated, low-complexity exploitation with full CIA impact and scope change to neighboring components. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with HTTP reachability to an Oracle Coherence instance - for example, a Fusion Middleware host whose management or application HTTP endpoint is exposed to a corporate network or, in misconfigured cases, the internet - sends a crafted HTTP request to the vulnerable Centralized Third Party Jars handler. Because exploitation requires no authentication and no user interaction (PR:N/UI:N) and complexity is low (AC:L), a successful request leads to full takeover of the Coherence service and, due to scope change, compromise of co-hosted Fusion Middleware components such as WebLogic. … |
| Remediation | Apply patches from the Oracle Critical Patch Update referenced at https://www.oracle.com/security-alerts/cspujun2026.html for Oracle Coherence versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0; exact post-patch build numbers are listed in that advisory and should be cited from Oracle directly rather than inferred. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all systems running Oracle Coherence versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, or 15.1.1.0.0 and immediately restrict HTTP network access to trusted administrative IPs only. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Coherence
View allRemote takeover of Oracle Coherence is possible via HTTP by an unauthenticated network attacker, affecting Oracle Fusion
Remote takeover of Oracle Coherence (Fusion Middleware component) is possible by unauthenticated network attackers reach
Remote takeover of Oracle Coherence is possible by unauthenticated attackers with HTTP network access to affected Fusion
Remote unauthenticated takeover of Oracle Coherence (Oracle Fusion Middleware) is possible over HTTPS, affecting support
Unauthenticated remote compromise of Oracle Coherence 15.1.1.0.0 (Oracle Fusion Middleware, Centralized Third Party Jars
Unauthenticated remote compromise of Oracle Coherence 15.1.1.0.0 (Oracle Fusion Middleware) via HTTP allows attackers to
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37434