CVE-2026-21980

6.5 MEDIUM

📋 TL;DR

An unauthenticated remote attacker can exploit this vulnerability in Oracle Life Sciences Central Coding via HTTP to modify or delete some data and read a subset of accessible data. This affects Oracle Health Sciences Applications users running version 7.0.1.0 of the Central Coding component.

💻 Affected Systems

Products:
  • Oracle Life Sciences Central Coding
Versions: 7.0.1.0
Operating Systems: Not specified - likely platform independent
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the Platform component specifically. Requires Oracle Health Sciences Applications infrastructure.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of sensitive health sciences data including unauthorized modifications to coding databases and exposure of confidential patient/research information.

🟠 Likely Case

Partial data corruption or unauthorized viewing of sensitive coding information, potentially affecting research integrity and compliance.

🟢 If Mitigated

Limited impact with proper network segmentation and access controls preventing external exploitation.

🌐 Internet-Facing: HIGH - Unauthenticated network access via HTTP makes internet-facing instances extremely vulnerable.
🏢 Internal Only: MEDIUM - Internal instances still vulnerable to insider threats or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

CVSS indicates low attack complexity with no authentication required, making exploitation straightforward for attackers with network access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Oracle January 2026 Critical Patch Update advisory

Vendor Advisory: https://www.oracle.com/security-alerts/cpujan2026.html

Restart Required: Yes

Instructions:

1. Review the Oracle January 2026 Critical Patch Update advisory.
2. Apply the relevant patch for Oracle Life Sciences Central Coding 7.0.1.0.
3. Restart affected services.
4. Test functionality post-patch.

🔧 Temporary Workarounds

Network Segmentation (all)

Restrict network access to Oracle Life Sciences Central Coding instances to only trusted IP addresses/networks.

Use firewall rules to limit HTTP access to specific source IPs

Web Application Firewall (all)

Deploy WAF with rules to block suspicious HTTP requests to the Central Coding application.

Configure WAF to inspect and filter HTTP traffic to the application

🧯 If You Can't Patch

  • Implement strict network access controls and isolate the system in a segmented network
  • Monitor application logs for unauthorized access attempts and implement intrusion detection

🔍 How to Verify

Check if Vulnerable:

Check Oracle Life Sciences Central Coding version via application interface or configuration files. Version 7.0.1.0 is vulnerable.

Check Version:

Check the Oracle application version through the administrative console or configuration files (the specific command depends on the deployment).

Verify Fix Applied:

Verify patch installation through Oracle patch management tools and confirm version is updated beyond 7.0.1.0.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized HTTP requests to Central Coding endpoints
  • Unexpected data modification or access patterns in application logs

Network Indicators:

  • Unusual HTTP traffic patterns to Central Coding ports
  • External IP addresses accessing internal coding systems

SIEM Query:

source="oracle-central-coding" AND (http_method=POST OR http_method=PUT OR http_method=DELETE) AND user="anonymous"

Field names in this query are illustrative; adjust them to the schema your SIEM uses for the ingested application logs.
