Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). The supported version that is affected is 3.0.3.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Convergence. Successful attacks of this vulnerability can result in takeover of Oracle Communications Convergence. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.oracle.com/security-alerts/cpujan2023.html |
History
Wed, 18 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 17 Sep 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-269 |
MITRE
Status: PUBLISHED
Assigner: oracle
Published: 2023-01-17T23:35:12.668Z
Updated: 2024-09-17T13:46:20.742Z
Reserved: 2022-12-17T19:26:00.691Z
Link: CVE-2023-21848
Vulnrichment
Updated: 2024-08-02T09:51:51.277Z
NVD
Status : Modified
Published: 2023-01-18T00:15:14.050
Modified: 2024-09-17T14:35:07.500
Link: CVE-2023-21848
Redhat
No data.