CVE-2010-4449

Name of the Vulnerable Software and Affected Versions Oracle Audit Vault version 10.2.3.2

Description The issue affects the confidentiality, integrity, and availability of the system. It is related to a crafted parameter in an action.execute request to the av component on TCP port 5700, specifically the /av.action endpoint, with the action.execute request potentially allowing remote code execution.

Recommendations For Oracle Audit Vault version 10.2.3.2, consider restricting access to the av component on TCP port 5700 to minimize the risk of exploitation. Avoid using the potentially vulnerable parameter in the action.execute request to the /av.action endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.