OSA-2021-3712-apr2022

OSA-2021-3712-apr2022 PUBLISHED CVSS 7.400000095367432 HIGH

Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications (component: Security (OpenSSL)). Supported versions that are affected are 8.4 and 9.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Enterprise Session Border Controller. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Enterprise Session Border Controller accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Enterprise Session Border Controller. CVSS 3.1 Base Score 7.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H).

Risk Scores

CVSS v3.1

7.400000095367432

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H

Timeline

Sep 20, 2024 CVE Published

References

Oracle CPU cpuapr2022 — CVE-2021-3712 advisory

Open in Interactive Console →