CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21395

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. Successful attacks of this vulnerability can result in takeover of Oracle Communications Operations Monitor. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.014

EPSS Ranking 79.4%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

Products affected by CVE-2022-21395

Oracle » Communications Operations Monitor » Version: 3.4

cpe:2.3:a:oracle:communications_operations_monitor:3.4
Oracle » Communications Operations Monitor » Version: 4.2

cpe:2.3:a:oracle:communications_operations_monitor:4.2
Oracle » Communications Operations Monitor » Version: 4.3

cpe:2.3:a:oracle:communications_operations_monitor:4.3
Oracle » Communications Operations Monitor » Version: 4.4

cpe:2.3:a:oracle:communications_operations_monitor:4.4
Oracle » Communications Operations Monitor » Version: 5.0

cpe:2.3:a:oracle:communications_operations_monitor:5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-21395

Products

Pricing

Contact Us