Remote Command Execution Vulnerability in Oracle WebLogic Server
CVE-2023-21931

7.5HIGH

Key Information:

Vendor: Oracle
Status: Weblogic Server
Vendor: CVE Published:; 18 April 2023

Badges

👾 Exploit Exists🟣 EPSS 85%

What is CVE-2023-21931?

A vulnerability exists within Oracle WebLogic Server that allows an unauthenticated attacker with network access via T3 to exploit the system. This weakness can enable unauthorized access to sensitive data or, in some cases, give an attacker complete control over all data accessible within the Oracle WebLogic Server environment. The supported versions affected by this issue are 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. It is crucial for organizations operating these versions to apply the appropriate patches to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

WebLogic Server 12.2.1.3.0

WebLogic Server 12.2.1.4.0

WebLogic Server 14.1.1.0.0

References

https://www.oracle.com/security-alerts/cpuapr2023.html

vendor-advisory

http://packetstormsecurity.com/files/172882/Oracle-Weblog...

EPSS Score

85% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

🟡
Public PoC available
Oct 21, 2023
👾
Exploit known to exist
Oct 21, 2023
Vulnerability published
Apr 18, 2023
Vulnerability Reserved
Dec 17, 2022

JSON

Oracle

Badges

What is CVE-2023-21931?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

EPSS Score

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.