PT-2026-25957 · Oracle · Oracle Edge Cloud Infrastructure Designer/Visualisation Toolkit
Gouri Sankar A
·
Published
2026-03-17
·
Updated
2026-03-20
·
CVE-2026-21994
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit version 0.3.0
Description
An easily exploitable issue exists in the Oracle Edge Cloud Infrastructure Designer and Visualisation Toolkit (Desktop component) that allows an unauthenticated attacker with network access via HTTP to take control of the system. Successful exploitation can lead to a complete takeover of the application. The issue affects versions prior to a fix and has a CVSS 3.1 Base Score of 9.8, impacting confidentiality, integrity, and availability.
Recommendations
Versions prior to a fix are vulnerable. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Access Control
Deserialization of Untrusted Data
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle Edge Cloud Infrastructure Designer/Visualisation Toolkit