CVE-2021-2414

4 documents4 sources
Severity
6.8MEDIUM
EPSS
0.4%
top 38.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Communications Session Border ControllerOracle Communications Session Border Controller
Timeline
PublishedOct 20
Latest updateMay 24

Description

Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Session Border Controller. While the vulnerability is in Oracle Communications Session Border Controller, attacks may significantly impact additional products. Successful attacks of this vulne

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:NExploitability: 2.3 | Impact: 4.0

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-mmcf-w258-w6pw: Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing)2022-05-24
CVEList
CVE-2021-2414: Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing)2021-10-20

📋Vendor Advisories

1
Oracle
Oracle Oracle Communications Risk Matrix: Routing — CVE-2021-24142021-10-15
CVE-2021-2414 (MEDIUM CVSS 6.8) | Vulnerability in the Oracle Communi | cvebase.io