Lucene search
OracleCVELIST:CVE-2018-2765HistoryApr 19, 2018 - 2:00 a.m.
CVE-2018-2765
2018-04-1902:00:00
oracle
www.cve.org
4
Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CNA Affected
[
{
"product": "Security Service",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "11.1.1.9.0"
},
{
"status": "affected",
"version": "12.1.3.0.0"
},
{
"status": "affected",
"version": "12.2.1.2.0"
},
{
"status": "affected",
"version": "12.2.1.3.0"
}
]
},
{
"product": "Database - Enterprise Edition",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "11.2.0.4"
},
{
"status": "affected",
"version": "12.1.0.2"
},
{
"status": "affected",
"version": "12.2.0.1"
}
]
}
]Related
nvd
nvd
CVE-2018-2765
2018-04-19 02:29:01
prion
prion
Design/Logic Flaw
2018-04-19 02:29:00
cve
cve
CVE-2018-2765
2018-04-19 02:29:01
oracle
oracle
Oracle Critical Patch Update - April 2018
2018-04-17 00:00:00
Oracle Critical Patch Update Advisory - October 2020
2020-10-20 00:00:00