Vulnerability in Oracle Communications Billing and Revenue Management by Oracle
CVE-2022-21430

8.5HIGH

Key Information:

Vendor: Oracle
Status: Communications Billing And Revenue Management
Vendor: CVE Published:; 19 April 2022

What is CVE-2022-21430?

An identified vulnerability in Oracle Communications Billing and Revenue Management allows a low-privileged attacker with network access via TCP to potentially compromise the system. While primarily affecting the billing and revenue management component, the implications of this vulnerability could extend its impact to additional interconnected applications. Successful exploitation might enable unauthorized access and control, raising significant security concerns.

Affected Version(s)

Communications Billing and Revenue Management 12.0.0.4

Communications Billing and Revenue Management 12.0.0.5

References

https://www.oracle.com/security-alerts/cpuapr2022.html

x_refsource_MISC

CVSS V3.1

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 19, 2022
Vulnerability Reserved
Nov 15, 2021