Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). The supported version that is affected is 3.0.3.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Convergence. Successful attacks of this vulnerability can result in takeover of Oracle Communications Convergence. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.oracle.com/security-alerts/cpujan2023.html |
![]() ![]() |
History
Wed, 18 Sep 2024 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 17 Sep 2024 15:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-269 |

Status: PUBLISHED
Assigner: oracle
Published: 2023-01-17T23:35:12.668Z
Updated: 2024-09-17T13:46:20.742Z
Reserved: 2022-12-17T19:26:00.691Z
Link: CVE-2023-21848

Updated: 2024-08-02T09:51:51.277Z

Status : Modified
Published: 2023-01-18T00:15:14.050
Modified: 2024-11-21T07:43:46.367
Link: CVE-2023-21848

No data.