OSA-35351062

Vulnerability in the Oracle Healthcare Master Person Index product of Oracle HealthCare Applications (component: Internal Operations (Spring Framework)). Supported versions that are affected are 5.0.0-5.0.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Healthcare Master Person Index. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Healthcare Master Person Index. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).