OSA-2018-1311-oct2022
Vulnerability in the Oracle Communications Network Charging and Control product of Oracle Communications Applications (component: Gateway (Apache Xerces-C)). Supported versions that are affected are 6.0.1.0.0 and 12.0.1.0.0-12.0.5.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Network Charging and Control. Successful attacks of this vulnerability can result in takeover of Oracle Communications Network Charging and Control. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
Risk Scores
Timeline
- Dec 12, 2022 CVE Published