Unrated severityNVD Advisory· Published Oct 17, 2018· Updated Oct 2, 2024
CVE-2018-3254
CVE-2018-3254
Description
Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Portal accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Affected products
211.1.1.9.0, 12.2.1.3.0+ 1 more
- (no CPE)range: 11.1.1.9.0, 12.2.1.3.0
- (no CPE)range: 11.1.1.9.0
Patches
Vulnerability mechanics
References
2- www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.htmlmitrex_refsource_CONFIRM
- www.securityfocus.com/bid/105649mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.