Denial of Service Risk in Oracle Knowledge's Information Manager Console
CVE-2020-2932
5.9MEDIUM
Summary
A vulnerability exists in Oracle Knowledge's Information Manager Console, affecting versions 8.6.0 to 8.6.3, allowing unauthenticated network attackers using HTTP to cause significant disruptions. Successful exploitation may lead to the application hanging or experiencing repeated crashes, resulting in a denial of service condition. This can severely impact availability and disrupt service for users.
Affected Version(s)
Knowledge 8.6.0-8.6.3
References
CVSS V3.1
Score:
5.9
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved