
Oracle Weblogic Server vulnerabilities

309 known vulnerabilities affecting oracle/weblogic_server.

Total CVEs: 309
CISA KEV: 16 (actively exploited)
Public exploits: 33
Exploited in wild: 22
Severity breakdown: CRITICAL 81, HIGH 94, MEDIUM 130, LOW 4

Vulnerabilities

Page 2 of 16
CVE-2024-21006 | HIGH | CVSS 7.5 | v12.2.1.4.0, v14.1.1.0.0 | 2024-04-16
CVE-2024-21006 [HIGH] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result
nvd
CVE-2024-21007 | HIGH | CVSS 7.5 | v12.2.1.4.0, v14.1.1.0.0 | 2024-04-16
CVE-2024-21007 [HIGH] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result
nvd
CVE-2024-20927 | HIGH | CVSS 8.6 | v12.2.1.4.0, v14.1.1.0.0 | 2024-02-17
CVE-2024-20927 [HIGH] CWE-284: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, at
nvd
CVE-2024-20931 | HIGH | CVSS 7.5 | v12.2.1.4.0, v14.1.1.0.0 | 2024-02-17
CVE-2024-20931 [HIGH] CWE-284: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result
nvd
CVE-2024-20986 | MEDIUM | CVSS 6.1 | v12.2.1.4.0, v14.1.1.0.0 | 2024-02-17
CVE-2024-20986 [MEDIUM] CWE-352: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a pe
nvd
CVE-2023-22072 | CRITICAL | CVSS 9.8 | v12.2.1.3.0 | 2023-10-17
CVE-2023-22072 [CRITICAL] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeove
nvd
CVE-2023-22089 | CRITICAL | CVSS 9.8 | v12.2.1.4.0, v14.1.1.0.0 | 2023-10-17
CVE-2023-22089 [CRITICAL]: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in t
nvd
CVE-2023-22069 | CRITICAL | CVSS 9.8 | v12.2.1.4.0, v14.1.1.0.0 | 2023-10-17
CVE-2023-22069 [CRITICAL] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can res
nvd
CVE-2023-22108 | HIGH | CVSS 7.5 | v12.2.1.4.0, v14.1.1.0.0 | 2023-10-17
CVE-2023-22108 [HIGH]: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unaut
nvd
CVE-2023-22101 | HIGH | CVSS 8.1 | v12.2.1.4.0, v14.1.1.0.0 | 2023-10-17
CVE-2023-22101 [HIGH] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can resul
nvd
CVE-2023-22086 | HIGH | CVSS 7.5 | v12.2.1.4.0, v14.1.1.0.0 | 2023-10-17
CVE-2023-22086 [HIGH] CWE-200: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result
nvd
CVE-2023-22040 | MEDIUM | CVSS 6.5 | v12.2.1.4.0, v14.1.1.0.0 | 2023-07-18
CVE-2023-22040 [MEDIUM]: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can res
nvd
CVE-2023-22031 | MEDIUM | CVSS 4.4 | v12.2.1.4.0, v14.1.1.0.0 | 2023-07-18
CVE-2023-22031 [MEDIUM]: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.1.0.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in u
nvd
CVE-2023-21964 | HIGH | CVSS 7.5 | v12.2.1.3.0, v12.2.1.4.0 +1 more | 2023-04-18
CVE-2023-21964 [HIGH] CWE-400: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can r
nvd
CVE-2023-21931 | HIGH | CVSS 7.5 | v12.2.1.3.0, v12.2.1.4.0 +1 more | 2023-04-18
CVE-2023-21931 [HIGH] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can r
nvd
CVE-2023-21996 | HIGH | CVSS 7.5 | v12.2.1.3.0, v12.2.1.4.0 +1 more | 2023-04-18
CVE-2023-21996 [HIGH] CWE-400: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnera
nvd
CVE-2023-21979 | HIGH | CVSS 7.5 | v12.2.1.3.0, v12.2.1.4.0 +1 more | 2023-04-18
CVE-2023-21979 [HIGH] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can r
nvd
CVE-2023-21956 | MEDIUM | CVSS 6.1 | v12.2.1.4.0, v14.1.1.0.0 | 2023-04-18
CVE-2023-21956 [MEDIUM]: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a
nvd
CVE-2023-21960 | MEDIUM | CVSS 5.6 | v12.2.1.3.0, v12.2.1.4.0 | 2023-04-18
CVE-2023-21960 [MEDIUM]: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unaut
nvd
CVE-2023-21837 | HIGH | CVSS 7.5 | v12.2.1.3.0, v12.2.1.4.0 +1 more | 2023-01-18
CVE-2023-21837 [HIGH] CWE-306: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can
nvd