Security Flaw in Oracle GoldenGate by Oracle
CVE-2018-2832

8.6HIGH

Key Information:

Vendor: Oracle
Status: Goldengate
Vendor: CVE Published:; 19 April 2018

Summary

A vulnerability exists in Oracle GoldenGate that permits an unauthenticated attacker with network access via HTTP to exploit the system. This vulnerability can lead to unauthorized access to sensitive information, potentially exposing critical data stored within Oracle GoldenGate. Although the flaw is specific to Oracle GoldenGate, successful exploitation may also affect other interconnected systems and applications, amplifying the risk of data breaches and unauthorized data manipulation.

Affected Version(s)

GoldenGate 12.2.0.1

References

http://www.securityfocus.com/bid/103843

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Apr 19, 2018
Vulnerability Reserved
Dec 15, 2017