cbcvebase.
CVE-2021-2008
published 2021-04-22

CVE-2021-2008: Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). The supported version that…

high7.3CVSS 3.1
AVNACLPRNUINSUCLILAL
Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). The supported version that is affected are 11.1.1.9 and 12.2.1.3 Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager for Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager for Fusion Middleware accessible data as well as unauthorized read access to a subset of Enterprise Manager for Fusion Middleware accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Fusion Middleware. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).

Affected

28 ranges· showing 25
VendorProductVersion rangeFixed in
msrcmicrosoft_net_framework_4.6
msrcmicrosoft_net_framework_4.6.2_4.7_4.7.1_4.7.2
msrcmicrosoft_net_framework_4.6_4.6.1_4.6.2_4.7_4.7.1_4.7.2
msrcmicrosoft_net_framework_4.7.2
msrcmicrosoft_net_framework_4.8
msrcwindows_10
msrcwindows_10_version_1607
msrcwindows_10_version_1809
msrcwindows_10_version_1909
msrcwindows_10_version_2004
msrcwindows_10_version_20h2
msrcwindows_10_version_21h1
msrcwindows_11_version_21h2
msrcwindows_7
msrcwindows_8.1
msrcwindows_rt_8.1
msrcwindows_server_2008
msrcwindows_server_2008_r2
msrcwindows_server_2012
msrcwindows_server_2012_r2
msrcwindows_server_2016
msrcwindows_server_2019
msrcwindows_server_2022
oracleenterprise_manager
oracleenterprise_manager