OSA-37889127

Vulnerability in Oracle Fusion Middleware (component: Third Party (Perl)). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Fusion Middleware as well as unauthorized update, insert or delete access to some of Oracle Fusion Middleware accessible data and unauthorized read access to a subset of Oracle Fusion Middleware accessible data. CVSS 3.1 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H).