It affects the Oracle Communications Messaging Server and allows attackers to manipulate a database by entering SQL strings into input fields or headers. Supported versions that are affected by this flaw are 12.0.0.4 and 12.0.0.5.ĬVE-2022-23305 is a Log4j vulnerability with a CVSS score of 9.8. The update contains 39 new security patches for Oracle Communications Applications. 22 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.ĬVE-2022-21431 is a vulnerability in the Connection Manager component of the Oracle Communications Billing and Revenue Management product and it has the maximum CVSS score of 10 out of 10. These are the CVEs that look most urgent. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. A few of these updates may need your urgent attention if you are a user of the affected product. Oracle has issued a Critical Patch Update which contains 520 new security patches across various product families.
0 kommentar(er)
