CVE-2015-2608

Name of the Vulnerable Software and Affected Versions Oracle Communications Diameter Signaling Router (DSR) versions 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier Oracle Communications Performance Intelligence Center Software versions 9.0.3 and earlier and 10.1.5 and earlier Oracle Communications Policy Management versions 9.9.0 and earlier, 10.5.0 and earlier, 11.5.0 and earlier, and 12.1.0 and earlier Oracle Communications Tekelec HLR Router version 4.0.0

Description The issue is related to an unspecified vulnerability in the Oracle Communications Applications, which can be exploited by remote attackers to affect confidentiality, integrity, and availability. The vulnerability is associated with errors in the code and can be exploited via vectors related to PMAC, allowing an attacker to influence the integrity, availability, and confidentiality of information.

Recommendations For Oracle Communications Diameter Signaling Router (DSR) versions 4.1.6 and earlier, 5.1.0 and earlier, 6.0.2 and earlier, and 7.1.0 and earlier, update to a version later than the specified versions to resolve the issue. For Oracle Communications Performance Intelligence Center Software versions 9.0.3 and earlier and 10.1.5 and earlier, update to a version later than the specified versions to resolve the issue. For Oracle Communications Policy Management versions 9.9.0 and earlier, 10.5.0 and earlier, 11.5.0 and earlier, and 12.1.0 and earlier, update to a version later than the specified versions to resolve the issue. For Oracle Communications Tekelec HLR Router version 4.0.0, update to a version later than 4.0.0 to resolve the issue.