CVE-2018-2628
Oracle WebLogic Server Unspecified Vulnerability
CVSS
—
No CVSS
EPSS
99.4%
p100
KEV
YES
Sep 8, 2022
Exploit Today
80
0-100
Published: — · Last modified: —
99.4%EPSS · 30 days99.4%
2026-06-302026-07-16
Product
Oracle / WebLogic Server
Vulnerability
Oracle WebLogic Server Unspecified Vulnerability
Added to KEV
Sep 8, 2022
Remediate by
Sep 29, 2022
Known ransomware use
No
Summary description
Oracle WebLogic Server contains an unspecified vulnerability which can allow an unauthenticated attacker with T3 network access to compromise the server.
Required action
Apply updates per vendor instructions.
Notes
https://www.oracle.com/security-alerts/cpuapr2018.html; https://nvd.nist.gov/vuln/detail/CVE-2018-2628
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2020-14882—100.0%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2017-10271—100.0%
KEV—80Oracle Corporation WebLogic Server Remote Code Execution Vulnerability—CVE-2019-2725—100.0%
KEV—80Oracle WebLogic Server, Injection—CVE-2023-21839—100.0%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—CVE-2020-14750—99.9%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2020-14883—99.9%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—