Skip to main content

Web Services Manager

2 CVEs product

Monthly

CVE-2023-21862 HIGH PATCH This Week

Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: XML Security component). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Oracle XXE Authentication Bypass Web Services Manager
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2022-21497 HIGH This Week

Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Web Services Manager
NVD
CVSS 3.1
8.1
EPSS
1.6%
EPSS 1% CVSS 8.1
HIGH PATCH This Week

Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: XML Security component). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

Oracle XXE Authentication Bypass +1
NVD
EPSS 2% CVSS 8.1
HIGH This Week

Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Web Services Manager
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy