⚠ Actively exploited
Added to CISA KEV on 2023-05-01. Federal agencies required to patch by 2023-05-22. Required action: Apply updates per vendor instructions.
CVE-2023-21839 — Deserialization of Untrusted Data in Oracle WebLogic Server
Severity
7.5 HIGH (NVD)
EPSS
94.1% (top 0.09%)
CISA KEV
Added 2023-05-01, due 2023-05-22
Exploit
Exploited in the wild; active exploitation observed
Affected products
Timeline
Published: Jan 18
KEV added: May 1
KEV due: May 22
Latest update: Oct 27
CISA Required Action: Apply updates per vendor instructions.
Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Co…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6
Affected Packages: 2 packages
Patches
Vulnerability Details
Exploits & PoCs: 3
Nuclei (1): Oracle WebLogic Server - Unauthorized Access
Detection Rules
Suricata (1): ET WEB_SERVER Oracle WebLogic Unauthenticated IIOP/T3 Remote Code Execution (CVE-2023-21839), updated 2025-10-27