CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
AI Score
Confidence
Low
EPSS
Percentile
100.0%
A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Please refer to:
Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.
This Critical Patch Update contains 334 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at January 2020 Critical Patch Update: Executive Summary and Analysis.
Vendor | Product | Version | CPE |
---|---|---|---|
oracle | communications_instant_messaging_server | * | cpe:2.3:a:oracle:communications_instant_messaging_server:*:*:*:*:*:*:*:* |
oracle | communications_interactive_session_recorder | * | cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:* |
oracle | communications_ip_service_activator | * | cpe:2.3:a:oracle:communications_ip_service_activator:*:*:*:*:*:*:*:* |
oracle | communications_unified_inventory_management | * | cpe:2.3:a:oracle:communications_unified_inventory_management:*:*:*:*:*:*:*:* |
oracle | communications_diameter_signaling_router | * | cpe:2.3:a:oracle:communications_diameter_signaling_router:*:*:*:*:*:*:*:* |
oracle | communications_design_studio | * | cpe:2.3:a:oracle:communications_design_studio:*:*:*:*:*:*:*:* |
oracle | communications_session_border_controller | * | cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:* |
oracle | communications_session_router | * | cpe:2.3:a:oracle:communications_session_router:*:*:*:*:*:*:*:* |
oracle | communications_subscriber-aware_load_balancer | * | cpe:2.3:a:oracle:communications_subscriber-aware_load_balancer:*:*:*:*:*:*:*:* |
oracle | enterprise_communications_broker | * | cpe:2.3:a:oracle:enterprise_communications_broker:*:*:*:*:*:*:*:* |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L
AI Score
Confidence
Low
EPSS
Percentile
100.0%