CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-3007

HIGH
8.6
CVSS Severity Score
EPSS Score0.1160%
EPSS Percentile21.38th
Published2018年7月18日
Last Modified2024年11月21日

Vulnerability Description

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. While the vulnerability is in Oracle Tuxedo, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data. CVSS 3.0 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

Affected Platforms (CPE)

📦
Oracle

Tuxedo

= 12.1.1
📦
Oracle

Tuxedo

= 12.1.3
📦
Oracle

Tuxedo

= 12.2.2

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
🔗 http://www.securityfocus.com/bid/104814
🔗 http://www.securitytracker.com/id/1041310
🔗 http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
🔗 http://www.securityfocus.com/bid/104814
🔗 http://www.securitytracker.com/id/1041310

相关漏洞威胁

CVE-2017-1026910.0

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2017-102729.9

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2016-06358.8

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2,...

CVE-2017-102677.5

Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affecte...

CVE-2018-3007 Detail & Impact Analysis | CVSS 8.6 (HIGH) | Cyber-Sec.Space | Cyber-Sec.Space