漏洞标题
N/A
漏洞描述信息
Oracle通信 Interactive Session Recorder产品(组件:Provision API)中的漏洞。受影响的支持版本是6.4。容易利用的漏洞允许通过HTTP网络访问的未授权攻击者访问Oracle通信 Interactive Session Recorder。尽管该漏洞在Oracle通信 Interactive Session Recorder中,但攻击可能严重影响其他产品。成功利用此漏洞可能会导致对Oracle通信 Interactive Session Recorder可访问数据的未经授权更新、插入或删除访问,以及未经授权读取Oracle通信 Interactive Session Recorder可访问数据的部分访问和未经授权的能力导致Oracle通信 Interactive Session Recorder部分拒绝服务(部分DOS)。CVSS 3.1基础得分8.3( confidentiality, integrity 和 availability 影响)。CVSS向量:(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L)
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communications (component: Provision API). The supported version that is affected is 6.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Interactive Session Recorder. While the vulnerability is in Oracle Communications Interactive Session Recorder, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Interactive Session Recorder accessible data as well as unauthorized read access to a subset of Oracle Communications Interactive Session Recorder accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Interactive Session Recorder. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
漏洞类别
N/A
漏洞标题
Oracle Communications 安全漏洞
漏洞描述信息
Oracle Communications是美国甲骨文(Oracle)公司的一款产品。为服务提供商和企业提供集成通信和云解决方案,以加速他们的数字化转型。 Oracle Communications 的 Oracle Communications Interactive Session Recorder 产品中存在安全漏洞,该漏洞允许未经身份验证的攻击者通过 HTTP 访问网络来破坏 Oracle Communications Interactive Session Recorder。虽然该漏洞存在于 O
CVSS信息
N/A
漏洞类别
其他