CVE-2022-21401

Name of the Vulnerable Software and Affected Versions Oracle Communications Operations Monitor versions 3.4, 4.2, 4.3, 4.4, 5.0

Description The issue exists due to insufficient input validation in the Mediation Engine component of Oracle Communications Operations Monitor. This can be exploited by a remote attacker using specially crafted HTTP requests, potentially allowing them to read, modify, add, or delete data, or cause a partial denial of service. The vulnerability may significantly impact additional products beyond Oracle Communications Operations Monitor, enabling unauthorized access to and modification of data, as well as partial denial of service attacks.

Recommendations For versions 3.4, 4.2, 4.3, 4.4, 5.0, update to a version that includes the fix for this issue to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.