← voltar
CVE-2018-2765

CVE-2018-2765

EPSS 3.4%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 3.4%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
19 abr 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Produtos afetados
Oracle Corporation · Database - Enterprise EditionOracle Corporation · Security Service

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.oracle.com/security-alerts/cpuoct2020.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlhttp://www.securityfocus.com/bid/103808http://www.securitytracker.com/id/1040695