Assigned CVE-2026-21962, this flaw carries the maximum severity rating and poses an immediate threat to enterprise environments that use these proxy components.
The vulnerability stems from a defect in how the WebLogic Server Proxy Plug-ins for Apache HTTP Server and Microsoft IIS handle incoming requests. Because the flaw is located in the proxy layer, it exposes critical infrastructure to unauthenticated, remote exploitation without requiring user interaction.
This vulnerability is characterized by its low attack complexity and high impact. An unauthenticated attacker with network access via HTTP can exploit this flaw to bypass security controls entirely.
The issue impacts the Oracle HTTP Server and the WebLogic Server Proxy Plug-in, which are often deployed in DMZs to forward requests to backend WebLogic clusters.
According to the disclosure, the vulnerability allows for unauthorized access to critical data. Furthermore, it permits attackers to manipulate the integrity of the system, granting the ability to create, delete, or modify data accessible to the Oracle HTTP Server.
A significant aspect of this CVE is the “Scope Change” (S:C) metric in the CVSS vector. This indicates that while the vulnerability exists within the Proxy Plug-in, a successful exploit can impact resources and components beyond the plug-in itself, potentially allowing attackers to pivot into the backend WebLogic environment.
The flaw has received a CVSS 3.1 Base Score of 10.0, highlighting its critical nature. While the availability impact is listed as none in the vector, the complete loss of confidentiality and integrity renders the server effectively compromised.
Administrators should verify their installations immediately. The vulnerability affects the Oracle Fusion Middleware component: WebLogic Server Proxy Plug-in for Apache HTTP Server and WebLogic Server Proxy Plug-in for IIS.
The specific supported versions vulnerable to this exploit include:
Given the ease of exploitation and the criticality of the data at risk, organizations are urged to immediately apply the necessary patches provided in Oracle’s Critical Patch Update (CPU).
If immediate patching is not feasible, security teams should consider restricting network access to the affected HTTP ports to trusted IP addresses only, although this may disrupt legitimate web traffic.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Critical Oracle WebLogic Server Proxy Vulnerability Lets Attackers Compromise the Server appeared first on Cyber Security News.
Emily Blunt, Cillian Murphy, Millicent Simmonds, and Noah Jupe are officially reprising their roles for…
Whether you’re after a new Apple Watch Ultra or want to add a few new…
Sony's upgraded PlayStation Spectral Super Resolution (PSSR) technology is rolling out to several titles on…
There's no better time to dive into the world of immersive VR gaming. AliExpress is…
Krafton has been ordered to reinstate the former boss of Subnautica 2 studio Unknown Worlds…
Tje GeForce RTX 5080 graphics card will allow you to run all of the latest…
This website uses cookies.