OSA-33287901

Vulnerability in the Oracle Utilties Application Framework product of Oracle Utilities Applications (component: General (Apache Commons IO)). Supported versions that are affected are 4.3.0.3.0-4.3.0.6.0, 4.4.0.0.0 and 4.4.0.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Utilties Application Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Utilties Application Framework accessible data as well as unauthorized read access to a subset of Oracle Utilties Application Framework accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).