CVE-2023-21839
Oracle WebLogic Server Unspecified Vulnerability
CVSS
—
No CVSS
EPSS
99.8%
p100
KEV
YES
May 1, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
99.8%EPSS · 30 days99.8%
2026-06-302026-07-16
Product
Oracle / WebLogic Server
Vulnerability
Oracle WebLogic Server Unspecified Vulnerability
Added to KEV
May 1, 2023
Remediate by
May 22, 2023
Known ransomware use
No
Summary description
Oracle WebLogic Server contains an unspecified vulnerability that allows an unauthenticated attacker with network access via T3, IIOP, to compromise Oracle WebLogic Server.
Required action
Apply updates per vendor instructions.
Notes
https://www.oracle.com/security-alerts/cpujan2023.html; https://nvd.nist.gov/vuln/detail/CVE-2023-21839
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2017-10271—100.0%
KEV—80Oracle Corporation WebLogic Server Remote Code Execution Vulnerability—CVE-2020-14882—100.0%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2019-2725—100.0%
KEV—80Oracle WebLogic Server, Injection—CVE-2018-2628—99.9%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—CVE-2020-14750—99.9%
KEV—80Oracle WebLogic Server Remote Code Execution Vulnerability—CVE-2020-14883—99.9%
KEV—80Oracle WebLogic Server Unspecified Vulnerability—