CVE-2021-2428: 
Oracle Coherence vulnerability analysis and mitigation

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. This is a difficult to exploit vulnerability that allows unauthenticated attackers with network access via T3, IIOP to compromise Oracle Coherence (Oracle Advisory).

The vulnerability has been assigned a CVSS 3.1 Base Score of 8.1 (High) with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H. The scoring indicates that while the vulnerability is network accessible, it requires a high level of attack complexity to exploit. No user privileges or interaction are required for exploitation (NVD).

Successful exploitation of this vulnerability can result in complete takeover of Oracle Coherence, potentially affecting the confidentiality, integrity, and availability of the system. The high CVSS score reflects the severe potential impact on all three security aspects (Oracle Advisory).

Oracle has released security patches to address this vulnerability as part of the July 2021 Critical Patch Update. Organizations running affected versions (12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0) should apply the available patches immediately (Oracle Advisory).