Impact
The vulnerability resides in the Composer component of Oracle WebCenter Portal and allows a low-privileged attacker with network access to compromise the portal through a standard HTTP endpoint. Successful exploitation provides full control, enabling the attacker to read, modify, or delete data and disrupt service, which amounts to complete loss of confidentiality, integrity, and availability for the affected portal instances. This risks exposure of sensitive business data and, given the advertised scope change, may affect integrated applications. Because the vector specifies low attack complexity and no user interaction, the flaw enables remote code execution or takeover without any action by a legitimate user.
Affected Systems
Oracle WebCenter Portal 12.2.1.4.0 and 14.1.2.0.0 are affected. Both versions use the Composer component, and the vulnerability may extend to other Fusion Middleware products that integrate with the portal, though specific products are not listed. Administrators should verify whether variant installations or modules are present.
Risk and Exploitability
The CVSS v3.1 base score of 9.9 places the issue in the Critical severity range. The EPSS score is below 1%, indicating that, on current data, the likelihood of observing exploit activity in the wild is low even though the potential impact is high. The vulnerability is not listed in the CISA KEV catalog. The attack vector is Network, with low privileges required and no user interaction, meaning a remote attacker could exploit it over standard HTTP. If the vulnerability were actively exploited, the result would be complete compromise of the portal.