CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2795

Vulnerability in the Oracle Knowledge product of Oracle Knowledge (component: Information Manager Console). Supported versions that are affected are 8.6.0-8.6.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Knowledge executes to compromise Oracle Knowledge. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Knowledge. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.1%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.0

References

Products affected by CVE-2020-2795

Oracle » Knowledge » Version: 8.6.0

cpe:2.3:a:oracle:knowledge:8.6.0
Oracle » Knowledge » Version: 8.6.1

cpe:2.3:a:oracle:knowledge:8.6.1
Oracle » Knowledge » Version: 8.6.2

cpe:2.3:a:oracle:knowledge:8.6.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-2795

Products

Pricing

Contact Us