Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2017-3248

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).

  • Published: Jan 27, 2017
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-3248
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
oracle / weblogic_server 12.2.1.0.0 12.2.1.0.0.x
oracle / weblogic_server 12.1.3.0.0 12.1.3.0.0.x
oracle / weblogic_server 10.3.6.0.0 10.3.6.0.0.x
oracle / weblogic_server 12.2.1.1.0 12.2.1.1.0.x