Unauthorized Access Vulnerability in Oracle WebCenter Content from Oracle Fusion Middleware
CVE-2022-21552

7.2HIGH

Key Information:

Vendor: Oracle
Status: Webcenter Content
Vendor: CVE Published:; 19 July 2022

What is CVE-2022-21552?

The vulnerability present in Oracle WebCenter Content allows an unauthenticated attacker with HTTP network access to exploit the system, leading to unauthorized manipulations of data. This includes the potential for unauthorized updates, inserts, or deletions, as well as unauthorized read access to sensitive information. While primarily affecting Oracle WebCenter Content, this vulnerability poses a risk to associated products, making it critical for users to ensure their systems are protected against such exploits.

Affected Version(s)

WebCenter Content 12.2.1.3.0

WebCenter Content 12.2.1.4.0

References

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 19, 2022
Vulnerability Reserved
Nov 15, 2021