Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vendor confirms unauthenticated network HTTP exploitation with low complexity and no user interaction, resulting in full product takeover, justifying PR:N/UI:N and C/I/A:H.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Centralized Third Party Jars). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
AnalysisAI
Remote takeover of Oracle Coherence is possible by unauthenticated attackers with HTTP network access to affected Fusion Middleware deployments running versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, or 15.1.1.0.0. The flaw resides in the Centralized Third Party Jars component and carries a critical 9.8 CVSS score with full confidentiality, integrity, and availability impact; no public exploit identified at time of analysis, but the trivial attack profile and Oracle's CPU disclosure pattern make weaponization likely.
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Per the CVSS vector AV:N/AC:L/PR:N/UI:N, no special conditions are required beyond network HTTP reachability to an Oracle Coherence instance running 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, or 15.1.1.0.0; the attacker needs neither credentials nor user interaction. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | All CVSS signals point to maximum real-world risk: AV:N/AC:L/PR:N/UI:N means a remote, unauthenticated attacker can exploit the issue over HTTP without user interaction or special conditions, and C:H/I:H/A:H confirms full system takeover. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker scans for internet-reachable or internally exposed Oracle Coherence HTTP endpoints, then issues a single crafted HTTP request to the vulnerable Centralized Third Party Jars-handled path, achieving remote code execution as the Coherence/WebLogic process user and pivoting into cached business data, credentials, and the broader Fusion Middleware cluster. No authentication, user interaction, or chained vulnerabilities are required, and given Coherence's deployment role in financial, telecom, and government middleware stacks, a successful compromise typically yields high-value access. |
| Remediation | Apply the Oracle Critical Patch Update for June 2026 as documented at https://www.oracle.com/security-alerts/cspujun2026.html - the advisory ships fixes for all four affected versions (12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, 15.1.1.0.0); patch available per vendor advisory, though specific post-patch version strings are not enumerated in the source data and should be confirmed against the CPU patch matrix. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all Oracle Coherence deployments and their network accessibility; isolate affected instances from untrusted networks where operationally feasible. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Coherence
View allRemote takeover of Oracle Coherence (Fusion Middleware) via the Centralized Third Party Jars component allows an unauthe
Remote takeover of Oracle Coherence is possible via HTTP by an unauthenticated network attacker, affecting Oracle Fusion
Remote takeover of Oracle Coherence (Fusion Middleware component) is possible by unauthenticated network attackers reach
Remote unauthenticated takeover of Oracle Coherence (Oracle Fusion Middleware) is possible over HTTPS, affecting support
Unauthenticated remote compromise of Oracle Coherence 15.1.1.0.0 (Oracle Fusion Middleware, Centralized Third Party Jars
Unauthenticated remote compromise of Oracle Coherence 15.1.1.0.0 (Oracle Fusion Middleware) via HTTP allows attackers to
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37435