Vulnerability in Oracle SOA Suite Affects Oracle Fusion Middleware
CVE-2018-3105

4.3MEDIUM

Key Information:

Vendor: Oracle
Status: Soa Suite
Vendor: CVE Published:; 18 July 2018

What is CVE-2018-3105?

A vulnerability exists in Oracle SOA Suite, part of Oracle Fusion Middleware, allowing a low privileged attacker to gain unauthorized read access to sensitive data via HTTP. This issue affects specific versions, making it crucial for organizations to address this security risk to ensure the integrity of their data.

Affected Version(s)

SOA Suite 11.1.1.7.0

SOA Suite 11.1.1.9.0

SOA Suite 12.1.3.0.0

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/104821

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2018
Vulnerability Reserved
Dec 15, 2017