PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-35299 Oracle Corporation CVE debrief

A vulnerability was discovered in the WebLogic Server product of Oracle Fusion Middleware, specifically in the Console component. The affected versions are 12.2.1.4.0 and 14.1.1.0.0. This vulnerability allows a low-privileged attacker with network access via HTTP to compromise WebLogic Server, potentially leading to a takeover of the server. The vulnerability has a high CVSS score of 8.8, indicating significant impacts on Confidentiality, Integrity, and Availability. Administrators and users should be aware of this vulnerability and take necessary precautions to mitigate potential risks.

Vendor
Oracle Corporation
Product
WebLogic Server
CVSS
HIGH 8.8
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-18
Advisory published
2026-06-17
Advisory updated
2026-06-18

Who should care

Administrators and users of Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0 should be aware of this vulnerability and take necessary precautions. This includes reviewing and implementing the recommended actions provided by Oracle and monitoring WebLogic Server logs for suspicious activity.

Technical summary

The vulnerability in WebLogic Server's Console component can be exploited by a low-privileged attacker with network access via HTTP. Successful exploitation can lead to a complete takeover of the WebLogic Server. The CVSS 3.1 Base Score for this vulnerability is 8.8, indicating a high severity level with significant impacts on Confidentiality, Integrity, and Availability. The vulnerability is easily exploitable and can be mitigated by applying patches or updates provided by Oracle.

Defensive priority

High priority should be given to patching or mitigating this vulnerability, as it can be easily exploited and has a high CVSS score.

Recommended defensive actions

  • Apply the patches or updates provided by Oracle to fix the vulnerability.
  • Restrict access to the WebLogic Server Console to only trusted users and networks.
  • Monitor WebLogic Server logs for suspicious activity.
  • Consider implementing additional security controls, such as Web Application Firewalls (WAFs), to detect and prevent exploitation attempts.
  • Review compensating controls for exposed systems while remediation is scheduled and verified.
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.

Evidence notes

The CVE record was published on 2026-06-17T10:40:21.993Z and was last modified on 2026-06-18T15:45:00.767Z. The NVD entry is currently Analyzed. This information is based on the provided source corpus and may not reflect the full scope of the vulnerability. Further verification is recommended to ensure accurate understanding of the vulnerability's impact.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:40:21.993Z and has not been modified since then. The NVD entry is currently Analyzed.