Oracle WebLogic versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.4.0 and 14.1.1.0.0 are affected by a weakness that allows an attacker to bypass authentication and access the management panel, caused by improper handling of the double-URL-encoded characters %252e (“.”) and %252f (“/”).
In some cases, exploiting this vulnerability can lead to the execution of arbitrary code on the server.
Oracle provides the associated patches on its site to fix the vulnerability.
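A detection check for the encoding pattern described above, as an added example that is not part of the original advisory or of Oracle's code: it scans access-log lines for request paths that hide “.” or “/” behind two or more layers of URL encoding, which goes slightly beyond the two sequences named above by also catching deeper nesting. The common-log-style format, the sample lines and the `/placeholder/` paths are constructed for illustration.

```python
import re
from urllib.parse import unquote

# "%252e" / "%252f": a percent-encoded "." or "/" that survives one decode pass.
DOUBLE_ENCODED = re.compile(r"%25(?:2e|2f)", re.IGNORECASE)
# Request target inside a common/combined-format log line (assumed log format).
REQUEST = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def is_suspicious(target, max_rounds=4):
    """True if the URL path carries '.' or '/' under two or more encoding layers."""
    # Only the path is checked: query strings often hold legitimately
    # double-encoded values (for example redirect parameters).
    path = target.split("?", 1)[0]
    for _ in range(max_rounds):
        if DOUBLE_ENCODED.search(path):
            return True
        decoded = unquote(path)
        if decoded == path:      # fully decoded, nothing hidden
            return False
        path = decoded           # peel one layer to catch e.g. %25252e
    return False

def scan(lines):
    """Return (client_ip, request_target) for every suspicious log line."""
    hits = []
    for line in lines:
        match = REQUEST.search(line)
        if match and is_suspicious(match.group(1)):
            hits.append((line.split()[0], match.group(1)))
    return hits

# Constructed sample log lines (documentation IP ranges, placeholder paths).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2024:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Jan/2024:10:00:01 +0000] "GET /docs/report%2520final.pdf HTTP/1.1" 200 900',
    '198.51.100.7 - - [01/Jan/2024:10:00:02 +0000] "GET /placeholder/%252E%252E%252Fpanel HTTP/1.1" 200 4096',
    '198.51.100.7 - - [01/Jan/2024:10:00:03 +0000] "GET /placeholder/%25252e%25252e%25252fpanel HTTP/1.1" 404 0',
    '192.0.2.12 - - [01/Jan/2024:10:00:04 +0000] "GET /search?next=%252fhome HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for client, target in scan(SAMPLE_LOG):
        print(f"double-encoded path separator from {client}: {target}")
```

A hit on a patched server is still worth reviewing, since it shows the bypass pattern being probed; the HTTP status in the log line helps separate probes from requests that were served.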