
Oracle WebCenter Content CVE-2026-35327

EUVD-2026-37453 | HIGH
Weakness: Improper Access Control (CWE-284)
Published: 2026-06-16 | Vendor: oracle
CVSS 3.1 base score: 7.6 (Vendor: oracle)

Severity by source

Vendor (oracle), primary rating: 7.6 HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

vuln.today AI: 7.6 HIGH

Reachable over HTTPS with low-privileged credentials and victim interaction; the scope change reflects a pivot beyond Content Server, with high confidentiality impact, limited integrity impact, and no availability impact.

CVSS 3.1: AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N
CVSS 4.0: AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:L/VA:N/SC:H/SI:L/SA:N

Primary rating from Vendor (oracle).

CVSS Vector (Vendor: oracle)

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Changed
Confidentiality: High
Integrity: Low
Availability: None

Lifecycle Timeline

1. Analysis Generated: Jun 16, 2026, 23:13 (vuln.today)

Description (CVE.org)

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Content accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 7.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N).

Analysis (AI)

Improper access control (CWE-284) in Oracle WebCenter Content 12.2.1.4.0 and 14.1.2.0.0 allows a low-privileged authenticated attacker to compromise the Content Server component over HTTPS, provided a user other than the attacker takes some action (UI:R); the vendor description does not say what that action is. The vendor rates the flaw with a scope change, meaning successful exploitation can reach beyond WebCenter Content itself, yielding high confidentiality loss and limited integrity modification. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata. The vendor advisory describes no mechanism, so the Delivery and Execution steps in particular are inferred from the CVSS metrics (PR:L, UI:R, S:C), not from published details.

Access: Authenticate as low-privileged user
Delivery: Submit malicious content to Content Server
Exploit: Higher-privileged user opens content
Execution: Payload executes in victim session
Persist: Pivot across scope to linked Fusion Middleware
Impact: Exfiltrate sensitive documents

Vulnerability Assessment (AI)

Exploitation: The attacker must hold valid low-privileged credentials on the Content Server component of Oracle WebCenter Content (PR:L) and reach it over HTTPS, and a different user, not the attacker, must interact with the malicious content for the exploit to fire (UI:R). …
Risk Assessment: CVSS 3.1 rates this 7.6 (High), driven by network reach, low attack complexity, low privileges required, and a scope change that extends the blast radius beyond the vulnerable component; with the same impact and exploitability metrics but no scope change, the vector would score lower. …
Exploit Scenario: A low-privileged WebCenter Content user (for example, a contributor account on a partner portal) uploads or submits crafted content into the Content Server; when an administrator or other higher-privileged user later opens it through the normal UI, it is processed in that victim's authenticated context and can be used to exfiltrate sensitive documents or pivot into linked Fusion Middleware components. This scenario is inferred from the CVSS metrics and the CWE-284 classification; the vendor advisory does not describe the mechanism. No public exploit code had been identified at the time of analysis, but the low attack complexity and standard HTTPS vector make weaponization straightforward once technical details become public.
Remediation: Apply the patches bundled in Oracle's Critical Patch Update of June 2026, documented at https://www.oracle.com/security-alerts/cspujun2026.html, which is the vendor-released fix path for the affected 12.2.1.4.0 and 14.1.2.0.0 releases. Oracle delivers fixes for CPU-listed vulnerabilities through the CPU patch sets, so take the exact patch numbers for each release from the CPU advisory's affected-products matrix rather than from this summary. …

Recommended Action (AI)

Within 24 hours: inventory all Oracle WebCenter Content deployments and identify instances running the affected versions (12.2.1.4.0 and 14.1.2.0.0); restrict Content Server HTTPS access to the personnel who need it, and, because exploitation requires a valid low-privileged account (PR:L), review which external or contributor accounts can reach the Content Server. …
