OSA-2021-41411-jan2023

OSA-2021-41411-jan2023 PUBLISHED CVSS 9.800000190734863 CRITICAL

Vulnerability in the Oracle Communications Unified Inventory Management product of Oracle Communications Applications (component: Rulesets (XStream)). Supported versions that are affected are 7.4.0, 7.4.1, 7.4.2 and 7.5.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Unified Inventory Management. Successful attacks of this vulnerability can result in takeover of Oracle Communications Unified Inventory Management. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Risk Scores

CVSS v3.1

9.800000190734863

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

Feb 27, 2023 CVE Published

References

Oracle CPU cpujan2023 — CVE-2021-41411 advisory

Open in Interactive Console →