CVE-2020-14705

4 documents4 sources
Severity
9.6CRITICAL
EPSS
0.5%
top 36.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation GoldengateOracle Goldengate
Timeline
PublishedJul 15
Latest updateMay 24

Description

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle GoldenGate executes to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of t

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages2 packages

NVDoracle/goldengate< 19.1.0.0.0
CVEListV5oracle_corporation/goldengateunspecified19.1.0.0.0

🔴Vulnerability Details

2
GHSA
GHSA-qx8g-5v5g-5jwf: Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management)2022-05-24
CVEList
CVE-2020-14705: Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management)2020-07-15

📋Vendor Advisories

1
Oracle
Oracle Oracle GoldenGate Risk Matrix: Process Management — CVE-2020-147052020-07-15
CVE-2020-14705 (CRITICAL CVSS 9.6) | Vulnerability in the Oracle GoldenG | cvebase.io