Vulnerability in Oracle WebCenter Portal Security Framework
CVE-2020-14552

6.8MEDIUM

Key Information:

Vendor: Oracle
Status: Webcenter Portal
Vendor: CVE Published:; 15 July 2020

What is CVE-2020-14552?

A security vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware allows low-privileged attackers with HTTP access to potentially compromise the system. While the vulnerability primarily affects Oracle WebCenter Portal versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0, successful exploitations could lead to unauthorized access to sensitive data, significantly impacting related products. Attacks necessitate human interaction from a non-attacker, heightening the importance of user awareness in maintaining security.

Affected Version(s)

WebCenter Portal 11.1.1.9.0

WebCenter Portal 12.2.1.3.0

WebCenter Portal 12.2.1.4.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

6.8

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020