Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle webcenter portal 12.2.1.3.0 |
||
oracle utilities framework 4.2.0.3.0 |
||
oracle utilities framework 4.2.0.2.0 |
||
oracle retail assortment planning 15.0 |
||
oracle utilities framework 4.4.0.0.0 |
||
oracle retail assortment planning 16.0 |
||
oracle coherence 12.2.1.3.0 |
||
oracle coherence 12.1.3.0.0 |
||
oracle coherence 3.7.1.0 |
||
oracle coherence 12.2.1.4.0 |
||
oracle webcenter portal 12.2.1.4.0 |
||
oracle rapid planning 12.1 |
||
oracle rapid planning 12.2 |
||
oracle utilities framework |
||
oracle utilities framework 4.4.0.2.0 |
||
oracle communications diameter signaling router |
||
oracle healthcare data repository 7.0.1 |
||
oracle commerce platform |
||
oracle commerce platform 11.0.0 |
||
oracle commerce platform 11.1.0 |
||
oracle commerce platform 11.2.0 |
House of Larry delivers massive update for 93 products Updated your WordPress plugins lately? Here are 320,000 auth-bypassing reasons why you should
Oracle has released a sweeping set of security patches across the breadth of its software line. The January update, delivered one day after Microsoft, Intel, Adobe, and others dropped their scheduled monthly patches, addresses a total of 334 security vulnerabilities across 93 different products from the enterprise giant. As you may imagine, most IT admins will only need to test and apply a handful of the updates for their specific platforms. For Oracle's flagship Database Server, the update incl...