Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 14.1.1.

ORACLE

23-06-2025 19:27

CVE-2025-21549 Vulnerabilidad documentada

7.5 HIGH

Tags

#exploit

#web

#server

#product

#oracle

#vulnerability

#/.net(.*)core/iU

#.net core

#affected

#authenticated

#exploitable

#dos

#compromise

#allow

#attack

#access

#unauthorized

#affect

Descripción

Vulnerability in the Oracle WebLogic Server product of Fusion Middleware (component: Core). The supported version that is affected 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP/2 to compromise Server. Successful attacks this can result unauthorized ability cause a hang or frequently repeatable crash (complete DOS) CVSS 3.1 Base Score 7.5 (Availability impacts). Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

https://www.oracle.com/security-alerts/cpujan2025.html

Referencia

Link externo

Ver detalles

Fuente

https://nvd.nist.gov/vuln/detail/CVE-2025-21549

Resultados similares

Coincidentes en almenos en 50% de los tags

30-06-2025
Linux : Oracle Linux 10 ELSA-2025-9328 Important: libblockdev Access Control Fix The following ...
Ver información

27-06-2025 CVE-2025-30737
Vulnerability in the Oracle Smart View for Office product of Oracle Hyperion (component: Core S...
Ver información