Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2018-3246

Disclosure Date: October 17, 2018
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS – Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Vendors

  • oracle

Products

  • banking platform 2.6.0,
  • banking platform 2.6.1,
  • banking platform 2.6.2,
  • business process management suite 11.1.1.9.0,
  • business process management suite 12.1.3.0.0,
  • business process management suite 12.2.1.3.0,
  • communications converged application server,
  • communications webrtc session controller,
  • enterprise repository 12.1.3.0.0,
  • retail convenience and fuel pos software 2.8.1,
  • utilities network management system 1.12.0.3,
  • utilities network management system 2.3.0.0,
  • utilities network management system 2.3.0.1,
  • utilities network management system 2.3.0.2,
  • webcenter portal 11.1.1.9.0,
  • webcenter portal 12.2.1.3.0,
  • weblogic server 12.1.3.0.0,
  • weblogic server 12.2.1.3,
  • weblogic server 12.2.1.3.0

Additional Info

Technical Analysis