CVE-2020-14655
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: SSL API). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Security Service. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Security Service accessible data as well as unauthorized update, insert or delete access to some of Oracle Security Service accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N).
Vulnerabilidad en el producto Oracle Security Service de Oracle Fusion Middleware (componente: SSL API). Las versiones compatibles que están afectadas son 11.1.1.9.0, 12.2.1.3.0 y 12.2.1.4.0. La vulnerabilidad difícil de explotar permite a un atacante no autenticado con acceso de red por medio de HTTPS comprometer a Oracle Security Service. Los ataques con éxito de esta vulnerabilidad pueden resultar en un acceso no autorizado a datos críticos o acceso completo a todos los datos accesibles de Oracle Security Service, así como también en una actualización no autorizada, insertar o eliminar el acceso a algunos de los datos accesibles de Oracle Security Service. CVSS 3.1 Puntuación Base 6.5 (Impactos de la Confidencialidad e Integridad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N)
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2020-06-19 CVE Reserved
- 2020-07-15 CVE Published
- 2023-03-31 EPSS Updated
- 2024-09-27 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.oracle.com/security-alerts/cpujul2020.html | 2020-07-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oracle Search vendor "Oracle" | Security Service Search vendor "Oracle" for product "Security Service" | 11.1.1.9.0 Search vendor "Oracle" for product "Security Service" and version "11.1.1.9.0" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Security Service Search vendor "Oracle" for product "Security Service" | 12.2.1.3.0 Search vendor "Oracle" for product "Security Service" and version "12.2.1.3.0" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Security Service Search vendor "Oracle" for product "Security Service" | 12.2.1.4.0 Search vendor "Oracle" for product "Security Service" and version "12.2.1.4.0" | - |
Affected
|