Vulnerability in Oracle WebCenter Content Affects Oracle Fusion Middleware
CVE-2017-10075

8.2HIGH

Key Information:

Vendor
Oracle
Status
Webcenter Content
Vendor
CVE Published:
8 August 2017

Summary

This vulnerability in Oracle WebCenter Content allows unauthenticated remote attackers with network access through HTTP to exploit the system. An attacker may manipulate the system during user interaction without their consent, leading to unauthorized access to sensitive information. The impact could extend to critical data within Oracle WebCenter Content, enabling potential unauthorized updates, insertions, or deletions of accessible data. These exploits highlight the necessity for vigilant security practices and updates to mitigate potential risks. For more information, refer to the advisory issued by Oracle.

Affected Version(s)

WebCenter Content 11.1.1.9.0

WebCenter Content 12.2.1.1.0

WebCenter Content 12.2.1.2.0

References

http://www.securitytracker.com/id/1038940
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/99807
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

EPSS Score

70% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.