CVE-2017-3506CISA KEVEPSS p99.9%
CVE-2017-3506Oracle WebLogic Server OS Command Injection Vulnerability
Oracle / WebLogic Server
Description
Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an OS command injection vulnerability that allows an attacker to execute arbitrary code via a specially crafted HTTP request that includes a malicious XML document.
Scoring
| EPSS | 96.02% probability of exploitation · percentile 99.9% · 2026-06-15T12:03:41Z |
CISA KEV entry
Added to KEV: 2024-06-03
(incoming)1
| Type | Target | Confidence | Tier |
|---|---|---|---|
| KEVEntry | Oracle WebLogic Server OS Command Injection Vulnerabilitykev-cve-2017-3506 | 0% | live |
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.