Vulnerability in Oracle WebCenter Sites Support Tools Product of Oracle
CVE-2022-21575

6MEDIUM

Key Information:

Vendor: Oracle
Status: Webcenter Sites
Vendor: CVE Published:; 19 July 2022

What is CVE-2022-21575?

The vulnerability in Oracle WebCenter Sites Support Tools allows attackers with high privileges to exploit HTTP access, compromising sensitive data and gaining unauthorized control over critical operations, including data manipulation and service interruptions. This includes unauthorized updates, inserts, or deletions, raising serious security concerns for users of affected versions.

Affected Version(s)

WebCenter Sites < 4.4.2

References

https://www.oracle.com/security-alerts/cpujul2022.html

x_refsource_MISC

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 19, 2022
Vulnerability Reserved
Nov 15, 2021