Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
HTTP-reachable Imaging endpoint exploitable with no auth or user interaction; description confirms read and write to all Imaging data (C:H/I:H) but no availability impact (A:N).
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all WebCenter Content: Imaging accessible data as well as unauthorized access to critical data or complete access to all WebCenter Content: Imaging accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
AnalysisAI
Unauthenticated remote compromise of Oracle WebCenter Content: Imaging (component: Core) in Oracle Fusion Middleware versions 12.2.1.4.0 and 14.1.2.0.0 allows attackers to read and modify all data accessible to the Imaging service over HTTP. The flaw is rated CVSS 9.1 with high confidentiality and integrity impact but no availability impact, and Oracle classifies it as easily exploitable. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | No special conditions - remote unauthenticated exploitation against default configurations of Oracle WebCenter Content: Imaging 12.2.1.4.0 or 14.1.2.0.0 reachable over HTTP, with no user interaction required (AV:N/AC:L/PR:N/UI:N). … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | CVSS 3.1 9.1 with AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N indicates a high-severity, low-complexity, fully unauthenticated network attack - exactly the profile that defenders should treat as priority for any internet- or partner-network-exposed Imaging instance. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who can reach the WebCenter Content: Imaging HTTP endpoint over the network sends crafted HTTP requests to the vulnerable Core component without supplying valid credentials, abusing the missing authentication enforcement to read stored documents and metadata or to create, modify, and delete Imaging records. Because availability is not impacted, the activity may go unnoticed while sensitive scanned content (invoices, contracts, HR documents) is exfiltrated or tampered with. … |
| Remediation | Apply patch available per vendor advisory by installing the June 2026 Oracle Critical Patch Update for Fusion Middleware / WebCenter Content as documented at https://www.oracle.com/security-alerts/cspujun2026.html; exact fix bundle numbers should be taken from the Oracle CPU patch matrix for the 12.2.1.4.0 and 14.1.2.0.0 trains rather than invented here. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all systems running Oracle WebCenter Content: Imaging versions 12.2.1.4.0 or 14.1.2.0.0 and determine network accessibility. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Webcenter Content
View allVulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Remote unauthenticated takeover of Oracle WebCenter Content: Imaging (versions 12.2.1.4.0 and 14.1.2.0.0) is possible vi
Account takeover in Oracle WebCenter Content: Imaging (Fusion Middleware) allows a low-privileged authenticated attacker
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated med
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated med
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37302