![]() ![]() Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Edge. Supported versions that are affected are 8.2 and 9.0. Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: User Interface). CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). Successful attacks of this vulnerability can result in takeover of Oracle SD-WAN Aware. While the vulnerability is in Oracle SD-WAN Aware, attacks may significantly impact additional products. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SD-WAN Aware. The supported version that is affected is 8.2. Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: User Interface). SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an administrative user, and therefore compromising Confidentiality, Integrity and Availability of the system, leading to Missing Authentication Check.
0 Comments
Leave a Reply. |