Unrated severityNVD Advisory· Published Oct 17, 2023· Updated Sep 13, 2024
CVE-2023-22088
CVE-2023-22088
Description
Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: User Management). Supported versions that are affected are 7.4.0 and 7.4.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Order and Service Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Communications Order and Service Management accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).
Affected products
27.4.0, 7.4.1+ 1 more
- (no CPE)range: 7.4.0, 7.4.1
- (no CPE)range: 7.4.0
Patches
Vulnerability mechanics
References
1- www.oracle.com/security-alerts/cpuoct2023.htmlmitrevendor-advisory
News mentions
0No linked articles in our index yet.