CVE-2018-3217

Name of the Vulnerable Software and Affected Versions Oracle Outside In Technology versions 8.5.3 through 8.5.4

Description The issue is related to inadequate access control in the Oracle Outside In Technology component, specifically the Outside In Filters subcomponent. It allows an unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology, requiring human interaction from a person other than the attacker. Successful attacks can result in unauthorized access to critical data, complete access to all Oracle Outside In Technology accessible data, as well as unauthorized update, insert, or delete access to some of Oracle Outside In Technology accessible data.

Recommendations For versions 8.5.3 and 8.5.4, update to a version that includes the fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.