Weblogic Server
Privilege escalation and data tampering in Oracle WebLogic Server 14.1.2.0.0 and 15.1.1.0.0 (Console component) allows a low-privileged local user to compromise confidentiality and integrity of all WebLogic-accessible data when a separate user is tricked into interacting with attacker-supplied content. The scope-changed nature means impact extends beyond WebLogic to additional products in the environment. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Authenticated remote code execution in Oracle WebLogic Server 12.2.1.4.0 and 14.1.2.0.0 allows a low-privileged attacker with HTTP access to fully take over the server, per Oracle's June 2026 Critical Patch Update. The CVSS 3.1 base score of 8.8 reflects full confidentiality, integrity, and availability impact with low attack complexity. No public exploit identified at time of analysis and the issue is not currently listed in CISA KEV.
Authenticated remote takeover in Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 via the Console component allows a low-privileged attacker with HTTP network access to fully compromise the server. Oracle rates the flaw CVSS 8.8 with high impact on confidentiality, integrity, and availability, and no public exploit was identified at time of analysis. The advisory was published in Oracle's June 2026 Critical Patch Update, making this a priority patching item for enterprise middleware operators.
Server takeover in Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 (Console component) allows a remote unauthenticated attacker who can lure an authenticated user into interacting with a crafted HTTP request to fully compromise the server with a scope change to other products. CVSS 8.3 reflects high impact tempered by high attack complexity and required user interaction; no public exploit was identified at time of analysis and the issue is not listed in CISA KEV.
Remote takeover of Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 is possible via the Console component, allowing an unauthenticated network attacker to fully compromise the server with a scope change that impacts adjacent products. The CVSS 3.1 base score of 10.0 reflects the worst-case combination of network reachability, low complexity, no privileges, and full CIA impact. No public exploit was identified at time of analysis, and the issue is not currently listed in CISA KEV.
Remote takeover of Oracle WebLogic Server (versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0) is possible by unauthenticated attackers with TCP network access to the Core component. Oracle rates this 9.8 with full confidentiality, integrity, and availability impact, and characterizes it as 'easily exploitable,' though no public exploit was identified at time of analysis. The flaw is disclosed via the Oracle Critical Patch Update for June 2026 and currently shows no CISA KEV listing or EPSS data.
Authenticated takeover of Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 is achievable through the administrative Console component, where a low-privileged HTTP-authenticated attacker can fully compromise confidentiality, integrity, and availability of the server. Oracle reports the issue as easily exploitable and rates it CVSS 8.8, though no public exploit was identified at time of analysis and the vulnerability is not currently listed in CISA KEV. The flaw poses a significant risk to enterprise Java EE deployments where the WebLogic Console is reachable by any authenticated user.
Authenticated takeover of Oracle WebLogic Server (Fusion Middleware Core component) is possible by a high-privileged attacker over HTTP, with a scope change that can impact additional products beyond WebLogic itself. Affected versions are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0, with a CVSS 3.1 base score of 9.1. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Unauthenticated remote takeover in Oracle WebLogic Server 14.1.2.0.0 and 15.1.1.0.0 (Console component) allows network attackers to fully compromise the server over HTTP with no user interaction, earning the maximum CVSS 10.0 due to a scope change that can impact adjacent products. Oracle's June 2026 Critical Patch Update is the sole intelligence source; no public exploit was identified at time of analysis and the issue is not listed in CISA KEV.
Full server takeover is possible in Oracle WebLogic Server's Console component, affecting versions 14.1.2.0.0 and 15.1.1.0.0 via HTTP over a network. Exploitation requires a high-privileged attacker and high attack complexity, limiting the realistic threat surface to scenarios where administrative credentials are already compromised or an insider threat is present. No public exploit code and no CISA KEV listing have been identified at the time of analysis; this was disclosed as part of Oracle's Critical Patch Update (CPU) for June 2026.
Remote takeover of Oracle WebLogic Server 14.1.2.0.0 and 15.1.1.0.0 (Fusion Middleware, Core component) is achievable by a low-privileged attacker over HTTP, with a CVSS 3.1 score of 9.9 driven by a scope change that lets the impact spread beyond WebLogic itself. Oracle has issued the fix in the June 2026 Critical Patch Update (cspujun2026), and there is no public exploit identified at time of analysis. Authenticated but low-effort exploitation combined with full confidentiality, integrity and availability impact makes this a top-priority patching item for any Oracle middleware estate.
Full takeover of Oracle WebLogic Server 14.1.2.0.0 and 15.1.1.0.0 is achievable by remote unauthenticated attackers via the Console component over HTTPS, provided a victim performs an action such as clicking a malicious link. The flaw carries a CVSS 3.1 base score of 8.8 with high impact across confidentiality, integrity, and availability, but exploitation hinges on user interaction. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.
Cross-scope data compromise in Oracle WebLogic Server 14.1.2.0.0 and 15.1.1.0.0 allows a low-privileged remote attacker over HTTPS to read, create, modify, or delete critical data through the administration Console, provided a separate user is induced to perform an action. The CVSS 3.1 base score of 8.7 reflects high confidentiality and integrity impact with scope change reaching beyond WebLogic itself, and no public exploit was identified at time of analysis.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.