Oracle WebCenter Content Vulnerability Affects Oracle Fusion Middleware
CVE-2018-2564

8.2HIGH

Key Information:

Vendor
Oracle
Status
Webcenter Content
Vendor
CVE Published:
18 January 2018

Summary

This vulnerability is found in the Oracle WebCenter Content component of Oracle Fusion Middleware. It allows an unauthenticated attacker with network access via HTTP to exploit the vulnerability. The attack requires human interaction from a person other than the attacker to be successful. While the vulnerability resides within the Oracle WebCenter Content, successful exploitation may have significant repercussions on other interconnected products. The risks include unauthorized access to create, delete, or modify critical data, as well as unauthorized read access to some sensitive data within the Oracle WebCenter Content environment.

Affected Version(s)

WebCenter Content 11.1.1.9.0

References

http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/102541
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1040207
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.