PT-2025-29605 · Oracle · Oracle Weblogic Server
Published
2025-07-15
·
Updated
2025-07-25
·
CVE-2025-30753
CVSS v2.0
6.8
Medium
| Vector | AV:N/AC:L/Au:S/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Oracle WebLogic Server versions 12.2.1.4.0
Oracle WebLogic Server versions 14.1.1.0.0
Oracle WebLogic Server versions 14.1.2.0.0
Description
A vulnerability exists in the Oracle WebLogic Server component Core, allowing a low-privileged attacker with network access via HTTP to compromise the server. Successful exploitation can lead to a denial-of-service (DOS) condition, causing hangs or frequent crashes.
Recommendations
Oracle WebLogic Server version 12.2.1.4.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Oracle WebLogic Server version 14.1.1.0.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Oracle WebLogic Server version 14.1.2.0.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Resource Exhaustion
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle Weblogic Server