CVE Vulnerabilities

CVE-2022-21395

Published: Jan 19, 2022 | Modified: Jan 25, 2022
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. Successful attacks of this vulnerability can result in takeover of Oracle Communications Operations Monitor. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Affected Software

Name Vendor Start Version End Version
Communications_operations_monitor Oracle 3.4 (including) 3.4 (including)
Communications_operations_monitor Oracle 4.2 (including) 4.2 (including)
Communications_operations_monitor Oracle 4.3 (including) 4.3 (including)
Communications_operations_monitor Oracle 4.4 (including) 4.4 (including)
Communications_operations_monitor Oracle 5.0 (including) 5.0 (including)

References