CVE-2018-3246 vulnerability in Oracle Products
Published on October 17, 2018

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

NVD

Products Associated with CVE-2018-3246

Want to know whenever a new CVE is published for Oracle products? stack.watch will email you.

Oracle Banking Platform

Oracle Business Process Management Suite

Oracle Communications Converged Application Server

Oracle Communications Webrtc Session Controller

Oracle Enterprise Repository

Oracle Retail Convenience Fuel Pos Software

Oracle Utilities Network Management System

Oracle Webcenter Portal

Oracle Weblogic Server

Affected Versions

Oracle Corporation WebLogic Server:

Version 12.1.3.0 is affected.
Version 12.2.1.3 is affected.

Exploit Probability

EPSS

3.09%

Percentile

86.54%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-3246 vulnerability in Oracle ProductsPublished on October 17, 2018

Products Associated with CVE-2018-3246

Affected Versions

Exploit Probability

CVE-2018-3246 vulnerability in Oracle Products
Published on October 17, 2018