Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
History

Wed, 02 Oct 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Oracle access Manager
CPEs cpe:2.3:a:oracle:access_manager:11.1.2.3.0:*:*:*:*:*:*:*
Vendors & Products Oracle access Manager

Mon, 30 Sep 2024 17:30:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2021-11-03'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2020-01-15T16:34:00

Updated: 2024-09-30T17:02:55.994Z

Reserved: 2019-12-10T00:00:00

Link: CVE-2020-2555

cve-icon Vulnrichment

Updated: 2024-08-04T07:09:54.651Z

cve-icon NVD

Status : Modified

Published: 2020-01-15T17:15:17.347

Modified: 2024-11-21T05:25:31.510

Link: CVE-2020-2555

cve-icon Redhat

No data.