CVE-2018-2765
Published: Apr 19, 2018
Modified: Oct 3, 2024
Description
Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
| Vendor | Product | Versions |
|---|---|---|
Oracle Corporation | Security Service | affected 11.1.1.9.0affected 12.1.3.0.0affected 12.2.1.2.0affected 12.2.1.3.0 |
Oracle Corporation | Database - Enterprise Edition | affected 11.2.0.4affected 12.1.0.2affected 12.2.0.1 |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now