CVE-2022-21574

4 documents4 sources
Severity
5.3MEDIUM
EPSS
0.4%
top 39.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Communications Billing AND Revenue ManagementOracle Corporation Communications Billing AND Revenue Management
Timeline
PublishedJul 19
Latest updateJul 20

Description

Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.4.0-12.0.0.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-mxcf-jp8m-vh5r: Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager2022-07-20
CVEList
CVE-2022-21574: Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager2022-07-19

📋Vendor Advisories

1
Oracle
Oracle Oracle Communications Applications Risk Matrix: Connection Manager — CVE-2022-215742022-07-15