Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-4210Oracle Fusion Middleware vulnerability

4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
94.1%
top 0.10%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Oracle Fusion Middleware
Timeline
PublishedJul 17
Latest updateMay 14

Description

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDoracle/fusion_middleware10.0.2, 10.3.6+1

🔴Vulnerability Details

2
GHSA
GHSA-r9q5-qcf6-7r92: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 102022-05-14
CVEList
CVE-2014-4210: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 102014-07-17

💥Exploits & PoCs

1
Nuclei
Oracle Weblogic - Server-Side Request Forgery
CVE-2014-4210 — Oracle Fusion Middleware vulnerability | cvebase