Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).
Published: 2026-04-21
Score: 6.5 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Data Modification in Oracle WebLogic Server
Action: Patch Now
AI Analysis

Impact

The vulnerability in Oracle WebLogic Server’s Web Services component permits an unauthenticated attacker with network access over HTTP to compromise the server, but it requires a separate human interaction to succeed. If triggered, the attacker can create, delete, or modify critical data stored on the server, thereby violating the integrity of information but not its confidentiality or availability. The flaw is listed as a moderate‑risk issue with a CVSS 6.5 score that highlights potential destructive impact if an automated or manual request can be sent to the server.

Affected Systems

The affected product is Oracle WebLogic Server, specifically versions 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0. These versions are part of Oracle’s Fusion Middleware stack and handle web services traffic.

Risk and Exploitability

The CVSS score of 6.5 indicates a moderate severity. The EPSS score of < 1% indicates an extremely low likelihood of exploitation. The vulnerability is not listed in the CISA KEV catalog, meaning no known public exploits. The attack vector is network‑based (HTTP) and requires user interaction, so a malicious request must be triggered by a person other than the attacker, limiting widespread automated exploitation. Nonetheless, any automated phishing or social‑engineering campaign that encourages a user to hit a specific URL could trigger the flaw.

Generated by OpenCVE AI on April 28, 2026 at 16:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Oracle WebLogic Server patch from the official April 2026 Critical Patch Update
  • Restrict access to the Web Services interfaces to trusted networks or IP ranges using firewall or network segmentation rules
  • If a patch is not yet available, protect the server by placing it behind a web application firewall that filters suspicious requests

Generated by OpenCVE AI on April 28, 2026 at 16:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 28 Apr 2026 16:30:00 +0000

Type Values Removed Values Added
Title Unauthenticated HTTP-Based Integrity Compromise in Oracle WebLogic Server Web Services

Tue, 28 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
Title Remote Data Modification via Web Services in Oracle WebLogic Server
Weaknesses CWE-284

Wed, 22 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-285
CWE-601
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 22 Apr 2026 07:00:00 +0000

Type Values Removed Values Added
Title Remote Data Modification via Web Services in Oracle WebLogic Server
Weaknesses CWE-284

Wed, 22 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
Description Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).
First Time appeared Oracle
Oracle weblogic Server
CPEs cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:14.1.2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:weblogic_server:15.1.1.0.0:*:*:*:*:*:*:*
Vendors & Products Oracle
Oracle weblogic Server
References
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N'}

Subscriptions

Oracle Weblogic Server
cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published:

Updated: 2026-04-22T13:19:50.755Z

Reserved: 2026-03-26T19:48:45.681Z

Link: CVE-2026-34315

cve-icon Vulnrichment

Updated: 2026-04-22T13:19:43.457Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-21T21:16:37.043

Modified: 2026-04-24T14:24:55.690

Link: CVE-2026-34315

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T16:15:20Z

Weaknesses