7.5
CVE-2018-2765
- EPSS 1.34%
- Veröffentlicht 19.04.2018 02:29:01
- Zuletzt bearbeitet 21.11.2024 04:04:24
- Quelle secalert_us@oracle.com
- CVE-Watchlists
- Unerledigt
LoginVulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Oracle ≫ Security Service Version11.1.1.9.0
Oracle ≫ Security Service Version12.1.3.0.0
Oracle ≫ Security Service Version12.2.1.2.0
Oracle ≫ Security Service Version12.2.1.3.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.34% | 0.794 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|