Lucene search

K
cve[email protected]CVE-2023-21824
HistoryJan 18, 2023 - 12:15 a.m.

CVE-2023-21824

2023-01-1800:15:12
web.nvd.nist.gov
39
cve-2023-21824
vulnerability
oracle
communications
brm
elastic charging engine
product
exploitable
unauthorized access
data
cvss

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Supported versions that are affected are 12.0.0.3.0-12.0.0.7.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Communications BRM - Elastic Charging Engine executes to compromise Oracle Communications BRM - Elastic Charging Engine. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Communications BRM - Elastic Charging Engine accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

Affected configurations

Vulners
NVD
Node
oraclecommunications_brm_-_elastic_charging_engineRange12.0.0.3.012.0.0.7.0
VendorProductVersionCPE
oraclecommunications_brm_\-_elastic_charging_engine*cpe:2.3:a:oracle:communications_brm_\-_elastic_charging_engine:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Oracle Corporation",
    "product": "Communications BRM - Elastic Charging Engine",
    "versions": [
      {
        "version": "12.0.0.3.0-12.0.0.7.0",
        "status": "affected"
      }
    ]
  }
]

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.7%

Related for CVE-2023-21824