Vulnerability in Oracle Communications Interactive Session Recorder by Oracle
CVE-2020-14574

4.7MEDIUM

Key Information:

Vendor: Oracle
Status: Communications Interactive Session Recorder
Vendor: CVE Published:; 15 July 2020

Summary

This vulnerability in Oracle Communications Interactive Session Recorder allows a high-privileged attacker with access to the execution infrastructure to exploit critical functionalities. If successfully exploited, it could lead to unauthorized access to sensitive data, as well as unauthorized modifications including updates, inserts, or deletions of accessible data. Organizations using the affected versions should prioritize remediation to protect against potential data breaches.

Affected Version(s)

Communications Interactive Session Recorder 6.1-6.4

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020