Vulnerability in Oracle WebCenter Sites by Oracle Affecting Support Tools
CVE-2017-10033

4MEDIUM

Key Information:

Vendor
Oracle
Status
Webcenter Sites
Vendor
CVE Published:
19 October 2017

Summary

A vulnerability exists in Oracle WebCenter Sites within the Oracle Fusion Middleware suite. This flaw allows an unauthenticated attacker who gains access to the infrastructure where Oracle WebCenter Sites operates to potentially compromise the application. Exploitation of this vulnerability could lead to unauthorized modifications, including updates, insertions, or deletions of accessible data. Additionally, it may enable unauthorized reading of certain data within the Oracle WebCenter Sites environment. It is crucial for organizations using affected versions to promptly apply necessary mitigations to safeguard their data integrity and confidentiality.

Affected Version(s)

WebCenter Sites 11.1.1.8.0

WebCenter Sites 12.2.1.2.0

References

http://www.securitytracker.com/id/1039602
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/101408
vdb-entryx_refsource_BID

CVSS V3.1

Score:
4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.