CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21842
https://notcve.org/view.php?id=CVE-2023-21842
17 Jan 2023 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confident... • https://www.oracle.com/security-alerts/cpujan2023.html • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21841
https://notcve.org/view.php?id=CVE-2023-21841
17 Jan 2023 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentialit... • https://www.oracle.com/security-alerts/cpujan2023.html • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 93%CPEs: 3EXPL: 13CVE-2023-21839 – Oracle WebLogic Server Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2023-21839
17 Jan 2023 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentialit... • https://packetstorm.news/files/id/172882 • CWE-306: Missing Authentication for Critical Function •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-21838 – Oracle WebLogic Server IIOP Protocol Deserialization of Untrusted Data Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-21838
17 Jan 2023 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 7.5 (Availab... • https://www.oracle.com/security-alerts/cpujan2023.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-21837
https://notcve.org/view.php?id=CVE-2023-21837
17 Jan 2023 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality im... • https://github.com/hktalent/CVE-2023-21837 • CWE-306: Missing Authentication for Critical Function •
CVSS: 5.2EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21616
https://notcve.org/view.php?id=CVE-2022-21616
18 Oct 2022 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ... • https://www.oracle.com/security-alerts/cpuoct2022.html •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21564
https://notcve.org/view.php?id=CVE-2022-21564
19 Jul 2022 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 5.3 (Availabili... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21560
https://notcve.org/view.php?id=CVE-2022-21560
19 Jul 2022 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.1 Base Score 5.3 (Availability impac... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 5.7EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21557
https://notcve.org/view.php?id=CVE-2022-21557
19 Jul 2022 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogi... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21548
https://notcve.org/view.php?id=CVE-2022-21548
19 Jul 2022 — Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial den... • https://www.oracle.com/security-alerts/cpujul2022.html •