Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
LDAP service is network-reachable (AV:N), Oracle calls it easily exploitable with no auth or interaction (AC:L/PR:N/UI:N), and 'takeover' implies full C:H/I:H/A:H with no scope change.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: OUD Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via LDAP to compromise Oracle Unified Directory. Successful attacks of this vulnerability can result in takeover of Oracle Unified Directory. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
AnalysisAI
Unauthenticated LDAP-based takeover of Oracle Unified Directory affects supported versions 12.2.1.4.0 and 14.1.2.1.0 within Oracle Fusion Middleware, allowing a remote attacker with network reachability to the LDAP service to fully compromise the directory server. The flaw carries a CVSS 3.1 base score of 9.8 with high confidentiality, integrity, and availability impact, and no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | The attacker needs network reachability to the OUD Core LDAP service (typically TCP/389 or TCP/636) on an instance running supported version 12.2.1.4.0 or 14.1.2.1.0; no credentials, no user interaction, and no special configuration toggle are stated by Oracle as preconditions, matching the AV:N/AC:L/PR:N/UI:N vector. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | All available signals point to a high-priority issue: the CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N is fully unauthenticated and network-reachable, scope unchanged but with C:H/I:H/A:H amounting to a 9.8 critical score, and Oracle itself characterizes successful attacks as 'takeover' of the product. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker on a network segment that can reach the OUD LDAP port sends a crafted LDAP request to the OUD Core listener and, without authenticating, triggers the flaw to take control of the directory service. From that position the attacker reads or modifies user, group, and credential data, then pivots by issuing forged authentication responses or planting attacker-controlled accounts that any application relying on OUD will trust. … |
| Remediation | Apply the patches delivered in the Oracle Critical Patch Update of June 2026 as documented at https://www.oracle.com/security-alerts/cspujun2026.html for the affected branches 12.2.1.4.0 and 14.1.2.1.0; treat patch status as 'Patch available per vendor advisory' since the input does not list a specific fixed sub-version. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
WITHIN 24 HOURS: Inventory all OUD deployments running 12.2.1.4.0 or 14.1.2.1.0; immediately restrict LDAP/LDAPS network access (ports 389/636) to authorized internal systems only via firewall rules; review LDAP audit logs for unauthorized access or modifications. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Unified Directory
View allRemote takeover of Oracle Unified Directory 12.2.1.4.0 and 14.1.2.1.0 is possible via the OUD Core component's RMI inter
Unauthenticated LDAP-based compromise of Oracle Unified Directory 12.2.1.4.0 and 14.1.2.1.0 allows remote attackers to c
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37292