CVE-2020-14721Oracle Enterprise Communications Broker vulnerability

4 documents4 sources
Severity
6.3MEDIUMNVD
EPSS
0.2%
top 53.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Enterprise Communications BrokerOracle Corporation Enterprise Communications Broker
Timeline
PublishedJul 15
Latest updateMay 24

Description

Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI). Supported versions that are affected are 3.0.0-3.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Enterprise Communications Broker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Enterprise Communications Broker accessible data as

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-2w7w-5xvh-2987: Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI)2022-05-24
CVEList
CVE-2020-14721: Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applications (component: WebGUI)2020-07-15

📋Vendor Advisories

1
Oracle
Oracle Oracle Communications Applications Risk Matrix: WebGUI — CVE-2020-147212020-07-15
CVE-2020-14721 — Oracle vulnerability | cvebase