CVE-2022-21261

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0

Description The issue exists due to insufficient input validation in a component of Oracle WebLogic Server. This allows a remote attacker to compromise the server via HTTP, potentially impacting the confidentiality and integrity of protected information. Successful attacks require interaction from someone other than the attacker and may significantly affect additional products, resulting in unauthorized access to Oracle WebLogic Server data.

Recommendations For versions 12.2.1.4.0 and 14.1.1.0.0, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.