CVE-2024-21182
Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
In plain language
AI Act nowCVE-2024-21182 is a WebLogic Server flaw that lets an attacker, without logging in, access sensitive data over the network; if you run Oracle WebLogic Server on the affected versions, you should treat this as urgent and patch quickly.
Unauthenticated network access to Oracle WebLogic Server via T3 or IIOP protocols can be abused to gain unauthorized access to sensitive data; this is confirmed in the CISA KEV catalog with active exploitation, so vulnerable instances should be remediated immediately (affected versions include 12.2.1.4.0 and 14.1.1.0.0).
What to do now
- Check whether your systems use Oracle WebLogic Server version 12.2.1.4.0 or 14.1.1.0.0.
- If you’re on one of those versions, schedule an urgent upgrade/patch using Oracle’s July 2024 CPU remediation guidance (as referenced by Oracle security alerts).
- After applying the update, verify the WebLogic service is running the patched build and that the exposed ports/protocols are not reachable unless explicitly required.
- If you cannot patch immediately, implement the vendor-described mitigations promptly and restrict network reachability to reduce exposure.
- Confirm completion by reviewing access and error logs for suspicious connections over T3/IIOP-related network paths.
CVSS Vector Breakdown
AV:NAttack VectorAC:LAttack ComplexityPR:NPrivileges RequiredUI:NUser InteractionS:UScopeC:HConfidentialityI:NIntegrityA:NAvailabilityWeaknesses
Affected Products
Exploitability
Required action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
References
- Hackers now exploit critical Oracle E-Business flaw in attacksen-us·BleepingComputer·
- Microsoft patches Exchange Server zero-day exploited in attacksen-us·BleepingComputer·
- Weekly Threat Intelligence: June 1 to June 7, 2026en-us·Daily CyberSecurity (securityonline.info)· Summary only·
- Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitationen·The Hacker News· Summary only·
Unlock Complete Vulnerability Intelligence
Get the full picture for CVE-2024-21182 and every CVE in our database. Create a free account — no credit card required.
Create Free Account