VDB

CVE-2022-21545

CVE-2022-21545 PUBLISHED CVSS 5.300000190734863 MEDIUM

Vulnerability in the Oracle iRecruitment product of Oracle E-Business Suite (component: Candidate Self Service Registration). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iRecruitment. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iRecruitment accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

EPSS 0.28% · 51.5th percentile

Risk Scores

CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS Score
0.28%
51.5th percentile

Affected Products

VendorProductVersions
Oracle CorporationiRecruitment12.2.3-12.2.11
oracleirecruitment12.2.3

Exploit Intelligence

Timeline

  • Jul 19, 2022 CVE Published
  • Jul 20, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Oct 22, 2022 EPSS Score
  • Dec 8, 2022 EPSS Score
  • Jan 24, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score
  • Apr 27, 2023 EPSS Score
  • Jun 13, 2023 EPSS Score
  • Jul 30, 2023 EPSS Score
  • Sep 15, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›