CVE-2018-2936

Name of the Vulnerable Software and Affected Versions Oracle Communications Messaging Server version 3.x

Description The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Communications Messaging Server. Successful attacks require human interaction from a person other than the attacker and may significantly impact additional products. This can result in unauthorized update, insert, or delete access to some of Oracle Communications Messaging Server's accessible data, as well as unauthorized read access to a subset of Oracle Communications Messaging Server's accessible data.

Recommendations For Oracle Communications Messaging Server version 3.x, at the moment, there is no information about a newer version that contains a fix for this vulnerability.