CVE-2022-21429

4 documents4 sources
Severity
8.1HIGH
EPSS
3.4%
top 12.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Communications Billing AND Revenue ManagementOracle Corporation Communications Billing AND Revenue Management
Timeline
PublishedJul 19
Latest updateJul 20

Description

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-w9cr-7pg5-crxj: Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care)2022-07-20
CVEList
CVE-2022-21429: Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Billing Care)2022-07-19

📋Vendor Advisories

1
Oracle
Oracle Oracle Communications Applications Risk Matrix: Billing Care — CVE-2022-214292022-07-15