VDB

OSA-38040768

OSA-38040768 PUBLISHED CVSS 4 MEDIUM

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Security Framework (jackson-databind)). Supported versions that are affected are 13.5 and 24.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Enterprise Manager Base Platform executes to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. CVSS 3.1 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

Risk Scores

CVSS 3.1
4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Timeline

  • Oct 20, 2025 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›