CVE-2022-21399 (CNNVD-202201-1567)
中文标题:
Oracle Communications 安全漏洞
英文标题:
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (comp...
漏洞描述
中文描述:
Oracle Communications是美国甲骨文(Oracle)公司的一款产品。为服务提供商和企业提供集成通信和云解决方案,以加速他们的数字化转型。 Oracle Communications的Oracle Communications Operations Monitor存在安全漏洞,该漏洞允许高特权攻击者可利用该漏洞通过HTTP进行网络访问,从而破坏Oracle Communications Operations Monitor。虽然该漏洞存在于Oracle Communications Operations Monitor中,但攻击可能会严重影响其他产品。成功攻击此漏洞可能导致未授权更新、插入或删除对某些Oracle Communicati的访问。
英文描述:
Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. While the vulnerability is in Oracle Communications Operations Monitor, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Operations Monitor accessible data as well as unauthorized read access to a subset of Oracle Communications Operations Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Operations Monitor. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L).
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Oracle Corporation | Communications Operations Monitor | 3.4 | - | - |
cpe:2.3:a:oracle_corporation:communications_operations_monitor:3.4:*:*:*:*:*:*:*
|
| Oracle Corporation | Communications Operations Monitor | 4.2 | - | - |
cpe:2.3:a:oracle_corporation:communications_operations_monitor:4.2:*:*:*:*:*:*:*
|
| Oracle Corporation | Communications Operations Monitor | 4.3 | - | - |
cpe:2.3:a:oracle_corporation:communications_operations_monitor:4.3:*:*:*:*:*:*:*
|
| Oracle Corporation | Communications Operations Monitor | 4.4 | - | - |
cpe:2.3:a:oracle_corporation:communications_operations_monitor:4.4:*:*:*:*:*:*:*
|
| Oracle Corporation | Communications Operations Monitor | 5.0 | - | - |
cpe:2.3:a:oracle_corporation:communications_operations_monitor:5.0:*:*:*:*:*:*:*
|
| oracle | communications_operations_monitor | 3.4 | - | - |
cpe:2.3:a:oracle:communications_operations_monitor:3.4:*:*:*:*:*:*:*
|
| oracle | communications_operations_monitor | 4.2 | - | - |
cpe:2.3:a:oracle:communications_operations_monitor:4.2:*:*:*:*:*:*:*
|
| oracle | communications_operations_monitor | 4.3 | - | - |
cpe:2.3:a:oracle:communications_operations_monitor:4.3:*:*:*:*:*:*:*
|
| oracle | communications_operations_monitor | 4.4 | - | - |
cpe:2.3:a:oracle:communications_operations_monitor:4.4:*:*:*:*:*:*:*
|
| oracle | communications_operations_monitor | 5.0 | - | - |
cpe:2.3:a:oracle:communications_operations_monitor:5.0:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
CVSS评分详情
3.1 (cna)
MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2022-21399 |
2025-11-11 15:21:16 | 2025-11-11 07:37:16 |
| NVD | nvd_CVE-2022-21399 |
2025-11-11 14:58:13 | 2025-11-11 07:45:33 |
| CNNVD | cnnvd_CNNVD-202201-1567 |
2025-11-11 15:10:48 | 2025-11-11 07:57:05 |
版本与语言
安全公告
变更历史
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202201-1567
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- affected_products_count: 5 -> 10
- data_sources: ['cve'] -> ['cve', 'nvd']