Rewterz Threat Advisory – Multiple Oracle VM VirtualBox and Java SE Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle Products Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle VM VirtualBox and Java SE Vulnerabilities
October 20, 2023Rewterz Threat Advisory – Multiple Oracle Products Vulnerabilities
October 20, 2023Severity
High
Analysis Summary
CVE-2023-22089 CVSS:9.8
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact, high integrity impact, and high availability impact.
CVE-2023-22108 CVSS:7.5
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact.
CVE-2023-22101 CVSS:8.1
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact, high integrity impact, and high availability impact.
CVE-2023-22086 CVSS:7.5
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact, no integrity impact, and no availability impact.
CVE-2023-22072 CVSS:9.8
An unspecified vulnerability in Oracle WebLogic Server related to the Core component could allow a remote attacker to cause high confidentiality impact, high integrity impact, and high availability impact.
Impact
- Gain Access
- Information Theft
Indicators Of Compromise
CVE
- CVE-2023-22089
- CVE-2023-22108
- CVE-2023-22101
- CVE-2023-22086
- CVE-2023-22072
Affected Vendors
Oracle
Affected Products
- Oracle WebLogic Server 14.1.1.0.0
- Oracle WebLogic Server 12.2.1.4.0
- Oracle WebLogic Server 12.2.1.3.0
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.