Vulnerability in Oracle Argus Safety by Oracle
CVE-2018-2644

6.1MEDIUM

Key Information:

Vendor: Oracle
Status: Argus Safety
Vendor: CVE Published:; 18 January 2018

Summary

A vulnerability exists within the Oracle Argus Safety component of Oracle Health Sciences Applications, allowing unauthenticated attackers with network access to compromise the system. The vulnerability specifically affects versions 7.x, 8.0.x, and 8.1. Exploitation requires human interaction, allowing attackers to execute unauthorized updates, inserts, or deletions of data, as well as unauthorized read access to certain data within Oracle Argus Safety. This may lead to significant consequences for both the integrity and confidentiality of data across other dependent products.

Affected Version(s)

Argus Safety 7.x

Argus Safety 8.0.x

Argus Safety 8.1

References

http://www.oracle.com/technetwork/security-advisory/cpuja...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/102627

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 18, 2018
Vulnerability Reserved
Dec 15, 2017