CyberSecurityBoard
Sponsor Register Login

CVE-2018-2596

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N).

Publication date: Thu, 18 Jan 2018 08:29:00 +0000


Cyber News related to CVE-2018-2596

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
54 years ago Tenable.com
CVE-2023-45039 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. ...
11 months ago
CVE-2023-45040 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. ...
11 months ago
CVE-2023-45041 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. ...
11 months ago
CVE-2023-45042 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. ...
11 months ago
CVE-2023-45043 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. ...
11 months ago
CVE-2023-45044 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. ...
11 months ago
CVE-2023-41281 - An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. ...
10 months ago
CVE-2023-45035 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already ...
10 months ago Tenable.com
CVE-2023-45025 - An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following ...
10 months ago Tenable.com
CVE-2023-41292 - A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already ...
10 months ago Tenable.com
CVE-2023-41283 - An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the ...
10 months ago Tenable.com
CVE-2023-41282 - An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the ...
10 months ago Tenable.com
CVE-2023-39297 - An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in ...
10 months ago Tenable.com
CVE-2023-32969 - A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network. ...
9 months ago
CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago
CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago
CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago
CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago
CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)