Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Access Manager executes to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Access Manager accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
History

Wed, 18 Sep 2024 08:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2023-01-17T23:35:16.125Z

Updated: 2024-09-17T14:15:12.651Z

Reserved: 2022-12-17T19:26:00.695Z

Link: CVE-2023-21859

cve-icon Vulnrichment

Updated: 2024-08-02T09:51:51.301Z

cve-icon NVD

Status : Modified

Published: 2023-01-18T00:15:14.770

Modified: 2024-11-21T07:43:47.680

Link: CVE-2023-21859

cve-icon Redhat

No data.