Lucene search

[email protected]NVD:CVE-2023-21994

HistoryJul 18, 2023 - 9:15 p.m.

CVE-2023-21994

2023-07-1821:15:11

[email protected]

web.nvd.nist.gov

oracle fusion middleware

android mobile authenticator

vulnerability

unauthenticated attacker

physical communication segment

cvss 3.1

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

31.7%

JSON

Vulnerability in the Oracle Mobile Security Suite product of Oracle Fusion Middleware (component: Android Mobile Authenticator App). Supported versions that are affected are Prior to 11.1.2.3.1. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Mobile Security Suite executes to compromise Oracle Mobile Security Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Mobile Security Suite accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

Affected configurations

Nvd

Node

oraclefusion_middlewareRange<11.1.2.3.1

VendorProductVersionCPE
oraclefusion_middleware*cpe:2.3:a:oracle:fusion_middleware:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	fusion_middleware	*	cpe:2.3:a:oracle:fusion_middleware::::::::

References

www.oracle.com/security-alerts/cpujul2023.html

CVSS3

6.5

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

31.7%

JSON

Related for NVD:CVE-2023-21994

prion1 vulnrichment1 cve1 cvelist1 oracle1