Unauthorized Data Access Vulnerability in Oracle Security Service
CVE-2020-14530

5.9MEDIUM

Key Information:

Vendor: Oracle
Status: Security Service
Vendor: CVE Published:; 15 July 2020

Summary

A vulnerability exists in the Oracle Security Service of Oracle Fusion Middleware, where an unauthenticated attacker with network access through HTTPS could exploit this flaw. Successful exploitation could lead to unauthorized access to sensitive information or complete control over all data accessible via Oracle Security Service, potentially compromising critical data integrity and confidentiality.

Affected Version(s)

Security Service 11.1.1.9.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

5.9

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020