CVE-2018-3303

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager versions 13.2 and 13.3

Description The issue is related to inadequate access control in the Enterprise Manager Base Platform component, specifically the EM Console. This can be exploited by a remote attacker to gain unauthorized access to protected data using the HTTP protocol. Successful attacks can result in unauthorized update, insert, or delete access to some data, as well as unauthorized read access to a subset of the data.

Recommendations For versions 13.2 and 13.3, update to a version that includes the fix for this issue to prevent unauthorized access. As a temporary workaround, consider restricting access to the EM Console to minimize the risk of exploitation.