PT-2018-15836 · Oracle · Oracle Transportation Management

Published

2018-04-19

Updated

2019-10-03

CVE-2018-2823

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Oracle Transportation Management version 6.4.3

Description The issue allows a low-privileged attacker with network access via HTTP to compromise Oracle Transportation Management, resulting in unauthorized creation, deletion, or modification access to critical data or all accessible data.

Recommendations For Oracle Transportation Management version 6.4.3, update to a version that addresses this issue, as the current version allows unauthorized access and modification of critical data.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-2823

Affected Products

Oracle Transportation Management

PT-2018-15836 · Oracle · Oracle Transportation Management

CVE-2018-2823

Related Identifiers

Affected Products

References · 4