CVE-2021-2204

🗓️ 22 Apr 2021 21:53:50Reported by oracleType

Vulnerability CVE-2021-2204 affects Oracle WebLogic Server allowing unauthorized data access.

Reporter	Title	Published	Views	Family All 12
GithubExploit	Exploit for Code Injection in Exiftool_Project Exiftool	2 Aug 202118:56	–	githubexploit
CNNVD	Oracle WebLogic Server 安全漏洞	20 Apr 202100:00	–	cnnvd
CNVD	Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2021-30929)	21 Apr 202100:00	–	cnvd
Cvelist	CVE-2021-2204	22 Apr 202121:53	–	cvelist
EUVD	EUVD-2021-16663	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Oracle Fusion Middleware	21 Apr 202100:00	–	ncsc
NVD	CVE-2021-2204	22 Apr 202122:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - April 2021	20 Apr 202100:00	–	oracle
Tenable Nessus	Oracle WebLogic Server Multiple Vulnerabilities (Apr 2021 CPU)	22 Apr 202100:00	–	nessus
Prion	Design/Logic Flaw	22 Apr 202122:15	–	prion

NVD

Vulners

Node

oracle weblogic_serverMatch10.3.6.0.0

oracle weblogic_serverMatch12.1.3.0.0

oracle weblogic_serverMatch12.2.1.3.0

oracle weblogic_serverMatch12.2.1.4.0

oracle weblogic_serverMatch14.1.1.0.0

[
  {
    "product": "WebLogic Server",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "10.3.6.0.0"
      },
      {
        "status": "affected",
        "version": "12.1.3.0.0"
      },
      {
        "status": "affected",
        "version": "12.2.1.3.0"
      },
      {
        "status": "affected",
        "version": "12.2.1.4.0"
      },
      {
        "status": "affected",
        "version": "14.1.1.0.0"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpuapr2021.html

21 Nov 2024 06:02Current

5.1Medium risk

Vulners AI Score5.1

CVSS 25

CVSS 3.15.3

EPSS0.0135

SSVC