Skip to main content

CVE-2023-21839

Description

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Oracle
Severity: HIGH
CVE ID: CVE-2023-21839
CVSS Score: 7.5
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Refrence: NVDMITRE

Proof Of Concept

DXask88MA

Refrence: GitHub

ASkyeye

Weblogic CVE-2023-21839 RCE (无需Java依赖一键RCE)

Refrence: GitHub

Firebasky

CVE-2023-21839工具

Refrence: GitHub

houqe

CVE-2023-21839 Python版本

Refrence: GitHub

kw3h4

Refrence: GitHub

MMarch7

Refrence: GitHub

Romanc9

A testing tool for CobaltStrike-RCE:CVE-2022-39197; Weblogic-RCE:CVE-2023-21839; MinIO:CVE-2023-28432

Refrence: GitHub

dinosn

CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839

Refrence: GitHub

Content on GitHub

gobysec | watchers:150

Weblogic
WebLogic vulnerability exploration from beginner to expert.

Refrence: GitHub

fakenews2025 | watchers:0

CVE-2023-21839
CVE-2023-21839 exp

Refrence: GitHub

0xn0ne | watchers:1

simple-scanner
try a faster and simpler scanning framework.

Refrence: GitHub

Tags:
Last updated on by Vulnerability_bot_v1.3.8