CVE-2017-3233

Name of the Vulnerable Software and Affected Versions Oracle Support Tools versions prior to 5.7

Description The issue affects the Automatic Service Request (ASR) component, specifically the ASR Manager subcomponent. It allows an unauthenticated attacker with network access via HTTP to compromise the Automatic Service Request (ASR). Successful attacks can result in unauthorized access to create, delete, or modify critical data or all ASR accessible data.

Recommendations For versions prior to 5.7, update to version 5.7 or later to resolve the issue. As a temporary workaround, consider restricting network access via HTTP to the ASR component until a patch is applied.