The vulnerability of the WLS Core Components, a component of the Oracle WebLogic Server software from Oracle Fusion Middleware, allows attackers to compromise the confidentiality and integrity of protected information.

🗓️ 25 Jul 2019 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 3 Views

WLS Core Components in Oracle WebLogic Server have access control flaws risking confidentiality and integrity.

Reporter	Title	Published	Views	Family All 43
BDU FSTEC	The vulnerability of the sub-component of the Dynamo Application Framework within the Oracle Commerce Platform of the e-commerce platform Oracle Commerce allows a perpetrator to gain access to modify, add, or delete data.	25 Jul 201900:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Core component in Oracle VM VirtualBox allows a hacker to influence the privacy, integrity, and accessibility of the protected information.	25 Jul 201900:00	–	bdu_fstec
CNVD	Oracle WebLogic Server Component Access Control Error Vulnerability	17 Apr 201900:00	–	cnvd
CNVD	Unspecified Vulnerability in Oracle Virtualization VM VirtualBox Component (CNVD-2019-36160)	18 Apr 201900:00	–	cnvd
CVE	CVE-2019-2657	23 Apr 201918:16	–	cve
CVE	CVE-2019-2658	23 Apr 201918:16	–	cve
Cvelist	CVE-2019-2657	23 Apr 201918:16	–	cvelist
Cvelist	CVE-2019-2658	23 Apr 201918:16	–	cvelist
Debian CVE	CVE-2019-2657	23 Apr 201918:16	–	debiancve
EUVD	EUVD-2019-12297	7 Oct 202500:30	–	euvd

Vulners

Node

oracle fusion_middlewareMatch12.1.3.0.0

OR

oracle fusion_middlewareMatch10.3.6.0.0

Source	Link
oracle	www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2019-2657
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

7.8High risk

Vulners AI Score7.8

CVSS 39.8

CVSS 210

EPSS0.01715

WebLogic Core Components Oracle WebLogic Server access control flaws confidentiality integrity security vulnerability