Oracle Weblogic Server 漏洞

时间轴

去年

版本

12.2.1.4.0	180
12.2.1.3.0	163
14.1.1.0.0	160
12.1.3.0.0	106
10.3.6.0.0	89

修正

Official Fix	340
Temporary Fix	0
Workaround	1
Unavailable	0
Not Defined	3

易受攻击性

High	10
Functional	0
Proof-of-Concept	11
Unproven	15
Not Defined	308

访问向量

Not Defined	0
Physical	0
Local	19
Adjacent	0
Network	325

身份验证

Not Defined	0
High	26
Low	33
None	285

用户交互

Not Defined	0
Required	68
None	276

C3BM Index

去年

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	5
≤5	25
≤6	54
≤7	75
≤8	88
≤9	18
≤10	78

CVSSv3 Temp

≤1	0
≤2	0
≤3	1
≤4	6
≤5	33
≤6	83
≤7	61
≤8	71
≤9	14
≤10	75

VulDB

≤1	0
≤2	0
≤3	1
≤4	5
≤5	26
≤6	57
≤7	70
≤8	89
≤9	16
≤10	80

NVD

≤1	0
≤2	0
≤3	0
≤4	2
≤5	20
≤6	26
≤7	44
≤8	44
≤9	11
≤10	58

CNA

≤1	0
≤2	0
≤3	0
≤4	1
≤5	6
≤6	9
≤7	23
≤8	26
≤9	2
≤10	10

供应商

≤1	0
≤2	0
≤3	0
≤4	0
≤5	17
≤6	15
≤7	23
≤8	22
≤9	9
≤10	37

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

零日攻击

<1k	0
<2k	0
<5k	10
<10k	77
<25k	174
<50k	19
<100k	37
≥100k	27

本日攻击

<1k	205
<2k	46
<5k	30
<10k	13
<25k	49
<50k	1
<100k	0
≥100k	0

攻击市场容量

去年

🔴 CTI 活动

Affected Versions (15): 9.2, 10.0.2, 10.3.2, 10.3.5, 10.3.6, 11.1.1.9, 12.1.1, 12.1.2, 12.1.3, 12.2.1, 12.2.1.1, 12.2.1.2, 12.2.1.3, 12.2.1.4, 14.1.1

Link to Product Website: https://www.oracle.com

软件类型: Application Server Software

已发布	Base	Temp	漏洞	0day	今天	易	修正	CTI	CVE
2024-04-17	6.4	6.3	Oracle WebLogic Server Core 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2024-21007
2024-04-17	6.4	6.3	Oracle WebLogic Server Core 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2024-21006
2024-01-16	5.5	5.4	Oracle WebLogic Server Centralized Thirdparty Jars 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2023-42503
2024-01-16	6.1	5.8	Oracle WebLogic Server Core 未知漏洞	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2024-20986
2024-01-16	6.1	5.9	Oracle WebLogic Server Centralized Thirdparty Jars 跨网站脚本	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-43643
2024-01-16	6.5	6.3	Oracle WebLogic Server Centralized Thirdparty Jars 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.05	CVE-2023-44483
2024-01-16	7.5	7.2	Oracle WebLogic Server Core 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2024-20931
2024-01-16	8.6	8.2	Oracle WebLogic Server Core 未知漏洞	$5k-$25k	$5k-$25k	Not Defined	Official Fix	0.00	CVE-2024-20927
2024-01-16	9.1	9.0	Oracle WebLogic Server Centralized Thirdparty Jars 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04	CVE-2023-49093
2023-10-17	4.7	4.6	Oracle WebLogic Server Centralized Thirdparty Jars 拒绝服务	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-35116
2023-10-17	5.3	5.2	Oracle WebLogic Server Centralized Thirdparty Jars 未知漏洞	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-13956
2023-10-17	5.5	5.4	Oracle WebLogic Server Centralized Thirdparty Jars 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2021-36374
2023-10-17	7.1	6.8	Oracle WebLogic Server Centralized Thirdparty Jars 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-2976
2023-10-17	7.1	6.9	Oracle WebLogic Server Centralized Thirdparty Jars 权限升级	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-44729
2023-10-17	7.5	7.3	Oracle WebLogic Server Core 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.03	CVE-2023-22108
2023-10-17	7.5	7.3	Oracle WebLogic Server Core 信息公开	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2023-22086
2023-10-17	7.3	7.2	Oracle WebLogic Server Centralized Thirdparty Jars 弱身份验证	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2022-23491
2023-10-17	7.5	7.3	Oracle WebLogic Server Centralized Thirdparty Jars 拒绝服务	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.02	CVE-2022-29546
2023-10-17	8.1	7.9	Oracle WebLogic Server Core Remote Code Execution	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2023-22101
2023-10-17	9.8	9.6	Oracle WebLogic Server Core Remote Code Execution	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.13	CVE-2023-22089
2023-10-17	9.8	9.6	Oracle WebLogic Server Core Remote Code Execution	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2023-22072
2023-10-17	9.8	9.6	Oracle WebLogic Server Core Remote Code Execution	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.02	CVE-2023-22069
2023-10-17	9.8	9.6	Oracle WebLogic Server Centralized Thirdparty Jars 权限升级	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.03	CVE-2022-29599
2023-10-17	9.8	9.6	Oracle WebLogic Server Core 内存损坏	$25k-$100k	$25k-$100k	Not Defined	Official Fix	0.04	CVE-2022-42920
2023-07-18	3.3	3.2	Oracle WebLogic Server Centralized Thirdparty Jars 信息公开	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00	CVE-2020-8908

319 更多条目未显示

🔒 Login Required

You need to signup and login to see more of the remaining 319 results.

更多条目由 Oracle

◂ 上一步一览下一步 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!