Lucene search
OracleCVELIST:CVE-2018-2587HistoryApr 19, 2018 - 2:00 a.m.
CVE-2018-2587
2018-04-1902:00:00
oracle
www.cve.org
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). Supported versions that are affected are 10.1.4.3.0, 11.1.2.3.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Access Manager. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Access Manager accessible data as well as unauthorized read access to a subset of Oracle Access Manager accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).
CNA Affected
[
{
"product": "Access Manager",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "10.1.4.3.0"
},
{
"status": "affected",
"version": "11.1.2.3.0"
},
{
"status": "affected",
"version": "12.2.1.3.0"
}
]
},
{
"product": "Adaptive Access Manager",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "11.1.2.3.0"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2018-04-19 02:29:00
cve
cve
CVE-2018-2587
2018-04-19 02:29:00
nvd
nvd
CVE-2018-2587
2018-04-19 02:29:00
f5
f5
nessus
nessus
Oracle Access Manager Multiple Vulnerabilities (Apr 2018 CPU)
2018-05-11 00:00:00
oracle
oracle
Oracle Critical Patch Update - April 2018
2018-04-17 00:00:00
Oracle Critical Patch Update Advisory - January 2021
2021-01-19 00:00:00