CVE-2012-1710
CRITICAL KEV RANSOMWAREOracle WebCenter Forms Recognition - Info Disclosure
Title source: llmExploitation Summary
CVE-2012-1710 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added May 25, 2022, with confirmed use in ransomware campaigns.
Description
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709.
References (4)
Core 4
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-1710
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026949
Patch, Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html
Broken Link vendor-advisory
x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
Scores
CVSS v3
9.8
EPSS
0.4085
EPSS Percentile
97.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
partial
Details
CISA KEV
2022-05-25
VulnCheck KEV
2021-02-11
InTheWild.io
2015-08-27
ENISA EUVD
EUVD-2012-1720
Ransomware Use
Confirmed
Status
published
Products (1)
oracle/fusion_middleware
10.1.3.5
Published
May 03, 2012
KEV Added
May 25, 2022
Tracked Since
Feb 18, 2026