VDB

CISA-2023-21925

CISA-2023-21925 PUBLISHED CVSS 5.3 MEDIUM

Reported by oracle · Published April 18, 2023

Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Health Sciences InForm. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Health Sciences InForm. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products

VendorProductVersions
Oracle CorporationHealth Sciences InForm*, *
Oracle CorporationHealth Sciences InForm*, *, *

Timeline

  • Apr 18, 2023 CVE Published
  • Sep 16, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›