Design/Logic Flaw

2019-01-1619:30:00

PRIOn knowledge base

www.prio-n.com

3.8 Low

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.9%

JSON

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Deployment). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

CPENameOperatorVersion
weblogic_servereq12.1.3.0
weblogic_servereq10.3.6.0
weblogic_servereq12.2.1.3

Name	Operator	Version
weblogic_server	eq	12.1.3.0
weblogic_server	eq	10.3.6.0
weblogic_server	eq	12.2.1.3

References

www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

www.securityfocus.com/bid/106617