Oracle WebCenter Content Vulnerability in Oracle Fusion Middleware
CVE-2018-2828

8.2HIGH

Key Information:

Vendor

Oracle
Status
Webcenter Content
Vendor
CVE Published:
19 April 2018

What is CVE-2018-2828?

This vulnerability exists in the Oracle WebCenter Content component of Oracle Fusion Middleware, specifically within the Content Server. It allows low-privileged attackers with network access via HTTP to exploit the system, leading to potential unauthorized access to sensitive data. The attack process necessitates human interaction, which introduces a unique attack vector. Despite the vulnerability being localized within Oracle WebCenter Content, it poses risks to connected systems, as successful exploitation may enable unauthorized modifications, deletions, and could lead to a partial denial of service. Consequently, this vulnerability presents substantial risks to the integrity and confidentiality of accessible data across the affected versions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

WebCenter Content 11.1.1.9.0

WebCenter Content 12.2.1.2.0

WebCenter Content 12.2.1.3.0

References

http://www.securitytracker.com/id/1040695
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/103797
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.