CVE-2020-2639

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager versions 12.1.0.5, 13.2.0.0, 13.3.0.0

Description The issue is related to a vulnerability in the Enterprise Manager Base Platform product, specifically in the Host Management component. This vulnerability can be easily exploited by a high-privileged attacker with network access via HTTP, potentially leading to unauthorized access to critical data, complete access to all accessible data, and unauthorized update, insert, or delete access to some data. Additionally, it may cause a partial denial of service (DOS) of the Enterprise Manager Base Platform. The vulnerability is associated with inadequate access control.

Recommendations For versions 12.1.0.5, 13.2.0.0, and 13.3.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.