CVE-2019-2572 - Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric La

CVE-2019-2572

Summary

Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle SOA Suite accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

References

http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Vulnerable Configurations

cpe:2.3:a:oracle:soa_suite:11.1.1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:soa_suite:11.1.1.9.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

misc

http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

Last major update

24-08-2020 - 17:37

Published

23-04-2019 - 19:32

Last modified

24-08-2020 - 17:37