Vulnerability in Oracle WebCenter Sites Advanced User Interface Affecting Oracle
CVE-2020-14613

6.1MEDIUM

Key Information:

Vendor: Oracle
Status: Webcenter Sites
Vendor: CVE Published:; 15 July 2020

Summary

An unauthenticated vulnerability exists in the Advanced User Interface of Oracle WebCenter Sites that allows unauthorized individuals to exploit the system with network access via HTTP. Successful exploitation can lead to unauthorized modifications, deletions, or unauthorized reading of sensitive data, significantly affecting security and confidentiality in Oracle WebCenter Sites. This vulnerability requires interactive participation from users who are not the attackers, emphasizing the need for heightened user awareness and security measures surrounding the affected Oracle products.

Affected Version(s)

WebCenter Sites 12.2.1.3.0

WebCenter Sites 12.2.1.4.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020