CVE-2022-21268

Name of the Vulnerable Software and Affected Versions Oracle Communications Billing and Revenue Management versions 12.0.0.3 through 12.0.0.4

Description The issue allows a low-privileged attacker with logon to the infrastructure where Oracle Communications Billing and Revenue Management executes to compromise the system. Successful attacks can result in unauthorized read access to a subset of Oracle Communications Billing and Revenue Management accessible data. This is related to the disclosure of information.

Recommendations For versions 12.0.0.3 and 12.0.0.4, update to a version that fixes this issue to prevent unauthorized read access. At the moment, there is no information about a newer version that contains a fix for this vulnerability.