Vulnerability in Oracle Adaptive Access Manager Component of Oracle Fusion Middleware
CVE-2018-2770

7.6HIGH

Key Information:

Vendor

Oracle
Status
Adaptive Access Manager
Vendor
CVE Published:
19 April 2018

What is CVE-2018-2770?

The Oracle Adaptive Access Manager component within Oracle Fusion Middleware is susceptible to a vulnerability that allows a low-privileged attacker with network access via HTTP to compromise its integrity. The exploitation of this vulnerability requires human interaction from an unsuspecting user, escalating the potential for unauthorized access to critical data. This can lead to complete access to all data managed by Oracle Adaptive Access Manager, including unauthorized updates, inserts, or deletions of data. The implications of this vulnerability extend beyond its immediate environment, potentially affecting other products leveraging Oracle Adaptive Access Manager.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Adaptive Access Manager 11.1.2.3.0

References

http://www.securitytracker.com/id/1040695
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/103806
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.6
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.