CVE-2018-3248 in Oracle WebLogic Serverinformación

Resumen (Inglés)

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).

Reservar

2017-12-15

Divulgación

2018-10-16

Voces

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerabilidad	CWE	Exp	Con	CVE
125476	Oracle WebLogic Server WLS - Web Services escalada de privilegios	284	No está definido	Arreglo oficial	CVE-2018-3248

Descripción

CPE

CWE

CVSS

Hazañas

Historia

Diferencia

Relacionar

Inteligencia de amenazas

API JSON

API XML

API CSV

◂ AnteriorVisión De ConjuntoPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!