PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-35301 Oracle Corporation CVE debrief

A critical vulnerability was identified in the WebLogic Server product of Oracle Fusion Middleware, specifically in the Console component. The vulnerability affects versions 12.2.1.4.0 and 14.1.1.0.0. It is easily exploitable by an unauthenticated attacker with network access via HTTP, potentially leading to a takeover of WebLogic Server. The CVSS 3.1 Base Score is 10.0, indicating a high impact on Confidentiality, Integrity, and Availability.

Vendor
Oracle Corporation
Product
WebLogic Server
CVSS
CRITICAL 10
CISA KEV
Not listed in stored evidence
Original CVE published
2026-06-17
Original CVE updated
2026-06-18
Advisory published
2026-06-17
Advisory updated
2026-06-18

Who should care

Administrators and security teams responsible for Oracle Fusion Middleware and WebLogic Server installations should be aware of this vulnerability. Given its critical severity and potential for exploitation, immediate attention is necessary to assess and mitigate the risk.

Technical summary

The vulnerability in WebLogic Server's Console component can be exploited by an unauthenticated attacker with network access via HTTP. Successful exploitation can lead to a complete takeover of the WebLogic Server. The vulnerability has a CVSS 3.1 Base Score of 10.0, with high impacts on Confidentiality, Integrity, and Availability. The CVSS Vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. This critical vulnerability affects WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0, allowing attackers to compromise the server's confidentiality, integrity, and availability. Administrators must assess and mitigate this risk promptly.

Defensive priority

High

Recommended defensive actions

  • Apply the vendor's official patch or update to a non-vulnerable version of WebLogic Server.
  • Implement compensating controls such as network segmentation or access restrictions to limit exposure.
  • Monitor WebLogic Server installations for signs of exploitation.
  • Perform regular inventory checks to ensure all instances are accounted for and up-to-date.
  • Review relevant monitoring, detection, and logs for exposed assets that need extra review.
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented.
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.

Evidence notes

The CVE record was published on 2026-06-17T10:40:22.200Z and was last modified on 2026-06-18T15:44:10.817Z. The NVD entry is currently Analyzed. Oracle Corporation is the affected vendor, and the vulnerability affects WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-17T10:40:22.200Z and has not been modified since then. The NVD entry is currently Analyzed.