Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Oracle states unauthenticated HTTP exploitation is easy and results in product takeover, justifying AV:N/AC:L/PR:N/UI:N with full C/I/A impact and unchanged scope.
Primary rating from Vendor (oracle).
CVSS VectorVendor: oracle
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the WebCenter Content: Imaging product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebCenter Content: Imaging. Successful attacks of this vulnerability can result in takeover of WebCenter Content: Imaging. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
AnalysisAI
Remote unauthenticated takeover of Oracle WebCenter Content: Imaging (versions 12.2.1.4.0 and 14.1.2.0.0) is possible via HTTP, per Oracle's June 2026 Critical Patch Update. With a CVSS 3.1 base score of 9.8 and AV:N/AC:L/PR:N/UI:N, the flaw in the Core component enables full compromise of confidentiality, integrity, and availability. No public exploit identified at time of analysis, and the CVE is not currently listed in CISA KEV.
Technical ContextAI
Oracle WebCenter Content: Imaging is the document imaging and capture module within Oracle Fusion Middleware's WebCenter Content suite, used for enterprise document management, invoice processing, and records workflows. The CPE 'cpe:2.3:a:oracle_corporation:webcenter_content:_imaging' confirms the Imaging-specific component within the broader WebCenter Content product is in scope, specifically its Core subsystem reachable over HTTP. No CWE has been assigned by Oracle, but the combination of network vector, low complexity, no privileges, and a full triad impact is characteristic of unauthenticated request-handling flaws such as deserialization, authentication bypass, or injection in the application's HTTP-facing endpoints - common patterns in prior Oracle Fusion Middleware advisories.
RemediationAI
Patch available per vendor advisory: apply the fixes shipped in the Oracle Critical Patch Update of June 2026 (https://www.oracle.com/security-alerts/cspujun2026.html) for WebCenter Content: Imaging 12.2.1.4.0 and 14.1.2.0.0; no exact post-patch build number was provided in the supplied data, so confirm the specific bundle patch in Oracle's CPU matrix before deploying. As compensating controls until the CPU is applied, restrict network access to the WebCenter Content: Imaging HTTP and managed-server ports so that only trusted application tiers and administrative jump hosts can reach them - accepting that legitimate document submission/imaging integrations from end users or partners will break until reopened - and place the service behind a reverse proxy or WAF that enforces authentication at the edge, acknowledging this does not address the root cause and may be bypassed if backend ports remain exposed. Increase HTTP access logging on the Imaging managed servers and monitor for anomalous requests to Imaging endpoints to detect attempted exploitation.
More in Webcenter Content
View allVulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Unauthenticated remote compromise of Oracle WebCenter Content: Imaging (component: Core) in Oracle Fusion Middleware ver
Account takeover in Oracle WebCenter Content: Imaging (Fusion Middleware) allows a low-privileged authenticated attacker
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Rate
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated med
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Rated med
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-37301