Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Content. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Oracle |
|
No data.
No data.
No data.
References
| Link | Providers |
|---|---|
| https://www.oracle.com/security-alerts/cspujun2026.html |
|
History
Tue, 16 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Content. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). | |
| First Time appeared |
Oracle
Oracle webcenter Content |
|
| CPEs | cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_content:14.1.2.0.0:*:*:*:*:*:*:* |
|
| Vendors & Products |
Oracle
Oracle webcenter Content |
|
| References |
| |
| Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: oracle
Published:
Updated: 2026-06-16T19:27:11.952Z
Reserved: 2026-04-01T20:03:40.838Z
Link: CVE-2026-35324
Vulnrichment
No data.
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
No data.