OSA-37200686

Vulnerability in the Oracle Communications Cloud Native Core Network Slice Selection Function product of Oracle Communications (component: Install (OpenSSL)). The supported version that is affected is 25.1.100. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Communications Cloud Native Core Network Slice Selection Function. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Communications Cloud Native Core Network Slice Selection Function accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Communications Cloud Native Core Network Slice Selection Function. CVSS 3.1 Base Score 9.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H).