Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
WebLogic CVE-2019-2568 Vulnerability (CVE-2019-2568) - Vulnerability Database

WebLogic CVE-2019-2568 Vulnerability (CVE-2019-2568)

Description

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N).

References

CVE-2019-2568

Related Vulnerabilities

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732) Medium
Common tags: Missing Update Known Vulnerabilities
Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7741) Medium
Common tags: Missing Update Known Vulnerabilities
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-6970) High
Common tags: Missing Update Known Vulnerabilities
Django Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-6975) High
Common tags: Missing Update Known Vulnerabilities
PHP Out-of-bounds Write Vulnerability (CVE-2019-6977) High
Common tags: Missing Update Known Vulnerabilities

Severity

Medium

Classification

CVE-2019-2568
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Tags

Missing Update
Known Vulnerabilities