Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. Successful attacks of this vulnerability can result in takeover of Oracle Communications Operations Monitor. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
References
| Link | Resource |
|---|---|
| https://www.oracle.com/security-alerts/cpujan2022.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Jan 2022, 03:36
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
| First Time |
Oracle
Oracle communications Operations Monitor |
|
| References | (MISC) https://www.oracle.com/security-alerts/cpujan2022.html - Vendor Advisory | |
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:* cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:* |
19 Jan 2022, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-01-19 12:15
Updated : 2023-12-10 14:09
NVD link : CVE-2022-21395
Mitre link : CVE-2022-21395
CVE.ORG link : CVE-2022-21395
JSON object : View
Products Affected
oracle
- communications_operations_monitor
CWE