Liu Ming

**Name of the Vulnerable Software and Affected Versions** Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0 **Description** The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, part of the Oracle Fusion Middleware platform. This can be exploited by a remote attacker to gain unauthorized access to protected information. Successful attacks can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. **Recommendations** For versions 12.2.1.4.0 and 14.1.1.0.0, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.