admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-21848.md

18 lines
1.4 KiB
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-21848](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21848)
![](https://img.shields.io/static/v1?label=Product&message=Communications%20Convergence&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%203.0.3.1.0%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Easily%20exploitable%20vulnerability%20allows%20low%20privileged%20attacker%20with%20network%20access%20via%20HTTP%20to%20compromise%20Oracle%20Communications%20Convergence.%20%20Successful%20attacks%20of%20this%20vulnerability%20can%20result%20in%20takeover%20of%20Oracle%20Communications%20Convergence.&color=brighgreen)
### Description
Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). The supported version that is affected is 3.0.3.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Convergence. Successful attacks of this vulnerability can result in takeover of Oracle Communications Convergence. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
### POC
#### Reference
- https://www.oracle.com/security-alerts/cpujan2023.html
#### Github
No PoCs found on GitHub currently.
Reference in New Issue Copy Permalink