Exploitation Summary
EIP tracks 1 public exploit for CVE-2023-21837. PoCs published by hktalent.
AI-analyzed exploit summary This PoC checks for CVE-2023-21837 by sending a specific binary payload to a target host and port, then analyzing the response to determine vulnerability. The exploit appears to target a network service, likely related to Oracle WebLogic Server.
Description
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Exploits (1)
This PoC checks for CVE-2023-21837 by sending a specific binary payload to a target host and port, then analyzing the response to determine vulnerability. The exploit appears to target a network service, likely related to Oracle WebLogic Server.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N