Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4437Oracle Fusion Middleware vulnerability

5 documents5 sources
Severity
5.8MEDIUMNVD
EPSS
48.9%
top 2.23%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Fusion Middleware
Timeline
PublishedJan 19
Latest updateMay 17

Description

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages1 packages

NVDoracle/fusion_middleware6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-fj6x-fvp6-8xpx: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 92022-05-17
CVEList
CVE-2010-4437: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 92011-01-19

💥Exploits & PoCs

1
Exploit-DB
Oracle WebLogic - POST Session Fixation2011-03-11

💬Community

1
Bugzilla
CVE-2008-4437 CVE-2008-6098, CVE-2009-048[13456] bugzilla: multiple issues [F10]2009-02-09
CVE-2010-4437 — Oracle Fusion Middleware vulnerability | cvebase