CVE-2022-21503 - Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitabl

CVE-2022-21503

Summary

Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)

References

https://support.oracle.com

Vulnerable Configurations

cpe:2.3:a:oracle:cloud_infrastructure:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:cloud_infrastructure:-:*:*:*:*:*:*:*

CVSS

Base:	4.0 (as of 28-06-2022 - 15:59)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:N/A:N

Last major update

28-06-2022 - 15:59

Published

17-06-2022 - 21:15

Last modified

28-06-2022 - 15:59