OSA-38737823
Vulnerability in the Oracle Communications Unified Assurance product of Oracle Communications (component: Core (node-forge)). Supported versions that are affected are 6.1.0-6.1.1. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Unified Assurance. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Unified Assurance accessible data. CVSS 3.1 Base Score 2.4 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N).
Risk Scores
Timeline
- Jan 20, 2026 CVE Published