Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Content. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Advisories
No advisories yet.
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
| Link | Providers |
|---|---|
| https://www.oracle.com/security-alerts/cspujun2026.html |
|
History
Thu, 18 Jun 2026 04:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Unauthenticated HTTP Remote Code Execution in Oracle WebCenter Content | |
| Weaknesses | CWE-284 | |
| Metrics |
ssvc
|
Tue, 16 Jun 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks of this vulnerability can result in takeover of Oracle WebCenter Content. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |
| First Time appeared |
Oracle
Oracle webcenter Content |
|
| CPEs | cpe:2.3:a:oracle:webcenter_content:12.2.1.4.0:*:*:*:*:*:*:* cpe:2.3:a:oracle:webcenter_content:14.1.2.0.0:*:*:*:*:*:*:* |
|
| Vendors & Products |
Oracle
Oracle webcenter Content |
|
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: oracle
Published:
Updated: 2026-06-19T03:55:42.749Z
Reserved: 2026-05-18T15:55:10.296Z
Link: CVE-2026-46766
Updated: 2026-06-17T15:25:23.705Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-06-26T09:00:12Z
Weaknesses