Vulnerability in Oracle Fusion Middleware's MapViewer Component
CVE-2018-2943

9.8CRITICAL

Key Information:

Vendor
Oracle
Status
Fusion Middleware Mapviewer
Vendor
CVE Published:
18 July 2018

Summary

This vulnerability in Oracle Fusion Middleware's MapViewer component enables unauthenticated attackers with network access through HTTP to exploit weaknesses in the system. By leveraging this vulnerability, attackers can potentially compromise the functionality of Oracle Fusion Middleware's MapViewer, leading to severe implications such as unauthorized data access and system control. The vulnerability is present in supported versions 12.2.1.2.0 and 12.2.1.3.0.

Affected Version(s)

Fusion Middleware MapViewer 12.2.1.2.0

Fusion Middleware MapViewer 12.2.1.3.0

References

http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/104771
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041310
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.