Vulnerability in Oracle Enterprise Manager Base Platform Affects Data Security
CVE-2020-2982

7.1HIGH

Key Information:

Vendor: Oracle
Status: Enterprise Manager Base Platform
Vendor: CVE Published:; 15 July 2020

Summary

The vulnerability found in the Oracle Enterprise Manager Base Platform allows low-privileged attackers with network access via HTTP to exploit the system. This can lead to unauthorized access to sensitive data, enabling attackers to read, modify, insert, or delete information in the Enterprise Manager Base Platform. Organizations using affected versions 13.3.0.0 and 13.4.0.0 should take immediate action to assess their security posture and mitigate potential risks.

Affected Version(s)

Enterprise Manager Base Platform 13.3.0.0

Enterprise Manager Base Platform 13.4.0.0

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Dec 10, 2019