Unrated severityNVD Advisory· Published Jan 19, 2022· Updated Sep 24, 2024
CVE-2022-21395
CVE-2022-21395
Description
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. Successful attacks of this vulnerability can result in takeover of Oracle Communications Operations Monitor. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
Affected products
2>=3.4, <=5.0+ 1 more
- (no CPE)range: >=3.4, <=5.0
- (no CPE)range: 3.4
Patches
Vulnerability mechanics
References
1- www.oracle.com/security-alerts/cpujan2022.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.