AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2021-35617: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Suppor

criticalvulnerability

security

Source: NVD/CVE DatabaseOctober 20, 2021CVE-2021-35617

Summary

A serious vulnerability (CVE-2021-35617) exists in Oracle WebLogic Server's Coherence Container component that allows attackers without authentication to take over the server by sending specially crafted messages over IIOP (a network protocol for distributed systems). The flaw affects versions 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 and has a CVSS score (severity rating) of 9.8 out of 10, indicating it severely impacts security.

Vulnerability Details

CVSS Score

9.8(critical)

EPSS (30-day exploit probability)

EPSS: 5.2%

Classification

Attack SophisticationModerate

Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-35617

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%