漏洞标题
N/A
漏洞描述信息
Oracle通信运营监控产品(组件: Mediation Engine)中的Oracle通信运营监控漏洞。受影响的支持版本是3.4、4.2、4.3、4.4和5.0。容易利用的漏洞允许通过HTTP网络访问的低特权攻击者入侵Oracle通信运营监控。成功攻击需要攻击者之外的人的手动交互,虽然漏洞在Oracle通信运营监控中,但攻击可能会对其他产品产生重大影响。利用此漏洞的成功攻击可能导致对Oracle通信运营监控可访问数据的未经授权更新、插入或删除访问,以及对Oracle通信运营监控可访问数据部分未经授权的读取访问。CVSS等级得分3.1基础得分为5.4(保密性和完整性影响)。CVSS向量:(CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Communications Operations Monitor, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Operations Monitor accessible data as well as unauthorized read access to a subset of Oracle Communications Operations Monitor accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
Oracle Communications 安全漏洞
漏洞描述信息
Oracle Communications是美国甲骨文(Oracle)公司的一款产品。为服务提供商和企业提供集成通信和云解决方案,以加速他们的数字化转型。 Oracle Communications 的 Oracle Communications Operations Monitor 产品中存在安全漏洞,该漏洞允许通过 HTTP 进行网络访问的低权限攻击者破坏 Oracle Communications Operations Monitor。
CVSS信息
N/A
漏洞类别
其他