CVE-2023-22108

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 17, 2023
Updated: Oct 23, 2023

Summary

CVE-2023-22108 is a vulnerability affecting Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, which is part of Oracle Fusion Middleware. This easy-to-exploit issue enables unauthenticated network attackers to compromise the server via T3 and IIOP protocols. Successfully exploited vulnerabilities can lead to unauthorized access to sensitive data or full control over all data accessible to the Oracle WebLogic Server. The Base Score of this vulnerability, according to the Common Vulnerability Scoring System (CVSS), is 7.5 for Confidentiality impacts.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Oracle WebLogic Server

Affected Vendors

  • BonqDAO