Skip to main content

Oracle WebCenter Content EUVDEUVD-2026-37298

| CVE-2026-46780 HIGH
Missing Authentication for Critical Function (CWE-306)
2026-06-16 oracle
8.8
CVSS 3.1 · Vendor: oracle
Share

Severity by source

Vendor (oracle) PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vuln.today AI
8.8 HIGH

Oracle confirms HTTP-reachable, easily exploitable flaw needing one low-privileged Imaging account, no user interaction, yielding full takeover of the Imaging component without scope change.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (oracle).

CVSS VectorVendor: oracle

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

2
CVE Published
Jun 22, 2026 - 06:03 cve.org
HIGH 8.8
Analysis Generated
Jun 16, 2026 - 23:08 vuln.today

DescriptionCVE.org

Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in takeover of WebCenter Content: Imaging. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

AnalysisAI

Account takeover in Oracle WebCenter Content: Imaging (Fusion Middleware) allows a low-privileged authenticated attacker with HTTP network access to fully compromise the Imaging component on versions 12.2.1.4.0 and 14.1.2.0.0. Oracle rates the flaw CVSS 8.8 with high impact across confidentiality, integrity, and availability, and describes it as 'easily exploitable.' No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Technical ContextAI

Oracle WebCenter Content: Imaging is the Fusion Middleware component that handles document imaging, capture, and content workflow on top of the WebCenter Content repository, typically deployed as a Java EE application on Oracle WebLogic Server. The advisory pinpoints the 'Core' subcomponent, indicating the flaw resides in the central Imaging logic rather than a peripheral integration adapter. No CWE is published by Oracle (per their standard CPU disclosure practice), but the combination of low-privilege HTTP access leading to product takeover is characteristic of authorization bypass or unsafe deserialization classes historically seen in WebCenter/WebLogic CPUs. The CPE 'cpe:2.3:a:oracle_corporation:webcenter_content:_imaging' confirms the Imaging product line is the affected surface.

RemediationAI

Apply the patches delivered in the Oracle Critical Patch Update of June 2026 referenced at https://www.oracle.com/security-alerts/cspujun2026.html, which is the only vendor-released fix for WebCenter Content: Imaging 12.2.1.4.0 and 14.1.2.0.0; exact patched build numbers are listed in the CPU patch matrix and must be obtained from My Oracle Support. Until the CPU bundle can be staged, restrict network reachability to the Imaging HTTP endpoints by placing the WebLogic managed server behind an authenticated reverse proxy or firewall ACL limited to trusted internal subnets, and audit Imaging user accounts to remove or strongly credential any low-privileged accounts (the PR:L requirement means even a basic Imaging user can be abused), accepting that proxy/ACL changes may break legitimate external capture clients or integrated business applications. Disabling the Imaging managed server entirely is a last-resort workaround that halts document capture workflows but eliminates the attack surface until patching.

CVE-2017-10075 HIGH POC
8.2 Aug 08

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2026-46783 CRITICAL
9.8 Jun 16

Remote unauthenticated takeover of Oracle WebCenter Content: Imaging (versions 12.2.1.4.0 and 14.1.2.0.0) is possible vi

CVE-2026-46784 CRITICAL
9.1 Jun 16

Unauthenticated remote compromise of Oracle WebCenter Content: Imaging (component: Core) in Oracle Fusion Middleware ver

CVE-2017-10360 HIGH
8.2 Oct 19

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2017-10040 HIGH
8.2 Aug 08

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2017-3625 HIGH
8.2 Apr 24

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2018-2828 HIGH
8.2 Apr 19

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2018-2596 HIGH
8.2 Jan 18

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2018-2564 HIGH
8.2 Jan 18

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate

CVE-2024-20928 MEDIUM
6.1 Jan 16

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated med

CVE-2023-22126 MEDIUM
5.3 Oct 17

Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated med

Share

EUVD-2026-37298 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy