⚠ Actively exploited in ransomware campaigns
This vulnerability is on the CISA Known Exploited Vulnerabilities list and has been used in known ransomware attacks. CISA required action: Apply updates per vendor instructions.. Due date: 2022-06-15.
CVE-2012-1710 — Oracle Fusion Middleware vulnerability
10 documents7 sources
Severity
9.8CRITICALNVD
NVD7.5CNA7.5
EPSS
39.6%
top 2.69%
CISA KEV
KEVRansomware
Added 2022-05-25
Due 2022-06-15
Exploit
Exploited in wild
Active exploitation observed
Affected products
Timeline
PublishedMay 3
KEV addedMay 25
KEV dueJun 15
Latest updateMar 20
CISA Required Action: Apply updates per vendor instructions.
Description
Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Designer, a different vulnerability than CVE-2012-1709.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages1 packages
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-ch5p-j98f-3rg5: Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10↗2022-05-17
GHSA▶
GHSA-8c3c-9q97-wq3f: Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10↗2022-05-17
CVEList▶
CVE-2012-1710: Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10↗2012-05-03
CVEList▶
CVE-2012-1709: Unspecified vulnerability in the Oracle WebCenter Forms Recognition component in Oracle Fusion Middleware 10↗2012-05-03