COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2023-21839

CVE-2023-21839

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-05-01
Reference
https://nvd.nist.gov/vuln/detail/CVE-2023-21839
⌖ exploited in the wild shame 50/100 exploited-in-wild

Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.

Players implicated

Oracle · vendorWebLogic Server · product

Description

Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.

Affected FedRAMP products 10 in the catalog

ProductProviderStatusMatch
Aconex for Defense Oracle Authorized vendor-exact · 0.90
Federal Managed Cloud Services Oracle Authorized vendor-exact · 0.90
Fusion Cloud Oracle Authorized vendor-exact · 0.90
Government Cloud - Common Controls Oracle Authorized vendor-exact · 0.90
Oracle Cloud Infrastructure-Government Cloud Oracle Authorized vendor-exact · 0.90
Oracle Enterprise Performance Management (EPM) Oracle Authorized vendor-exact · 0.90
Oracle Enterprise Performance Management (EPM) - Moderate Oracle In Process vendor-exact · 0.90
Oracle Service Cloud Oracle Authorized vendor-exact · 0.90
Oracle Service Cloud (DOD) Oracle Authorized vendor-exact · 0.90
Taleo Cloud - U.S. Government Cloud Oracle Authorized vendor-exact · 0.90