OSA-38993744

Vulnerability in the Oracle Middleware Common Libraries and Tools product of Oracle Fusion Middleware (component: Third Party (Apache Avro)). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Middleware Common Libraries and Tools. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Middleware Common Libraries and Tools accessible data as well as unauthorized read access to a subset of Oracle Middleware Common Libraries and Tools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Middleware Common Libraries and Tools. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).