CVE-2020-2783: Medium severity oracle outside in technology vulnerability

Published Apr 15, 2020

Updated

An unspecified vulnerability in Oracle Fusion Middleware related to the Outside In Technology Outside In Filters component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.

Other sources

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).

Affected Software

14 affected components

Oracle Outside In Technology=8.5.4

IBM RQM<=6.0.6.1

IBM RQM<=6.0.6

IBM ETM<=7.0.0

IBM RQM<=6.0.2

IBM EWM<=7.0

IBM CLM<=6.0.6.1

IBM CLM<=6.0.6

IBM ELM<=7.0

IBM CLM<=6.0.2

IBM RDNG<=6.0.2

IBM RDNG<=6.0.6.1

IBM RDNG<=6.0.6

IBM DOORS Next<=7.0

Event History

Apr 15, 2020

CVE Published

via MITRE·01:29 PM

Data Sourced

via MITRE·01:29 PM

DescriptionSeverityWeakness

Parent advisories

This vulnerability appears in the following advisories.

IBM-6255694

CVE-2020-2783: Medium severity oracle outside in technology vulnerability

Other sources

Affected Software

Event History

Parent advisories

Don't miss critical vulnerabilities

Company

Resources

Contact