Oracle Communications BRM - Elastic Charging Engine Vulnerability
CVE-2023-21824

4.4MEDIUM

Key Information:

Vendor
Oracle
Status
Communications BRM - Elastic Charging Engine
Vendor
CVE Published:
18 January 2023

Summary

A vulnerability exists in Oracle Communications BRM - Elastic Charging Engine that permits unauthorized access when a high-privilege attacker logs on to the affected infrastructure. This exploitation could lead to unauthorized access to critical data or potentially grant full access to all accessible data within the Elastic Charging Engine, impacting the confidentiality of sensitive information.

Affected Version(s)

Communications BRM - Elastic Charging Engine 12.0.0.3.0-12.0.0.7.0

References

https://www.oracle.com/security-alerts/cpujan2023.html
vendor-advisory

CVSS V3.1

Score:
4.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.