Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description states unauthenticated HTTP exploitation with full read and create/modify/delete of all accessible data and no availability impact, matching AV:N/AC:L/PR:N/UI:N/C:H/I:H/A:N.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: WebCenter Sites). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Sites accessible data as well as unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
AnalysisAI
Unauthenticated remote compromise of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible via HTTP, allowing attackers to read, create, modify, or delete all data accessible to the application. Oracle rates this as easily exploitable with no privileges or user interaction required (CVSS 9.1), and no public exploit identified at time of analysis. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | No special conditions - remote unauthenticated exploitation against default configurations of Oracle WebCenter Sites 12.2.1.4.0 or 14.1.2.0.0 over HTTP, with no user interaction and no privileges required per CVSS AV:N/AC:L/PR:N/UI:N. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N describes an easy-to-exploit, remote, unauthenticated flaw with high confidentiality and integrity impact and no availability impact, consistent with an authentication bypass that grants data access rather than crashing the service. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker on the Internet sends crafted HTTP requests to an exposed Oracle WebCenter Sites instance, bypassing authentication on a vulnerable endpoint to enumerate and download confidential site content, customer-facing data, and configuration accessible to the application. The same access is then used to create, modify, or delete content objects, enabling defacement of public sites or insertion of malicious links; no public exploit identified at time of analysis, but the CVSS AC:L/PR:N profile implies trivially reproducible exploitation once details are reverse-engineered from the CPU. |
| Remediation | Apply the patch available per vendor advisory by installing the fixes shipped in the Oracle Critical Patch Update of June 2026 at https://www.oracle.com/security-alerts/cspujun2026.html for both Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0; Oracle does not publish an independent fixed build number, so the CPU itself is the authoritative reference. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Conduct inventory of all Oracle WebCenter Sites instances; identify which run versions 12.2.1.4.0 or 14.1.2.0.0 and classify data sensitivity levels. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Oracle Webcenter Sites
View allRemote unauthenticated takeover of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible over HTTP, with a maximu
Remote takeover of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible by unauthenticated network attackers ove
Remote unauthenticated takeover of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible over HTTP, with the vend
Unauthenticated remote takeover of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible via HTTP, allowing attac
Remote takeover of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible by unauthenticated attackers over HTTP,
Remote code execution and full product takeover affects Oracle WebCenter Sites 14.1.2.0.0 within Oracle Fusion Middlewar
Remote takeover of Oracle WebCenter Sites versions 12.2.1.4.0 and 14.1.2.0.0 allows unauthenticated network attackers to
Account takeover in Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 allows a low-privileged remote attacker with HTTP a
Account takeover in Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 allows a low-privileged authenticated attacker with
Takeover of Oracle WebCenter Sites 12.2.1.4.0 and 14.1.2.0.0 is possible when a low-privileged attacker with HTTP networ
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37327