CVE-2022-21622 : Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (compo

Vulnerability in the Oracle SOA Suite product of Oracle Fusion Middleware (component: Adapters). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle SOA Suite accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

Published 2022-10-18 21:15:14

Updated 2022-10-21 12:47:43

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2022-21622

Oracle » Soa Suite » Version: 12.2.1.3.0
cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*
Matching versions
Oracle » Soa Suite » Version: 12.2.1.4.0
cpe:2.3:a:oracle:soa_suite:12.2.1.4.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-21622

EPSS FAQ

0.47%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 63 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-21622

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.5	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N	3.9	3.6	Oracle
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: High Availability: None

References for CVE-2022-21622

https://www.oracle.com/security-alerts/cpuoct2022.html

Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-21622

Products affected by CVE-2022-21622

Exploit prediction scoring system (EPSS) score for CVE-2022-21622

CVSS scores for CVE-2022-21622

References for CVE-2022-21622