Rewterz Threat Advisory – CVE-2022-26375 – Mammothology AB Press Optimizer plugin for WordPress Vulnerability
November 7, 2022Rewterz Threat Advisory – CVE-2022-39406 – Oracle PeopleSoft Enterprise Common Vulnerability
November 7, 2022Rewterz Threat Advisory – CVE-2022-26375 – Mammothology AB Press Optimizer plugin for WordPress Vulnerability
November 7, 2022Rewterz Threat Advisory – CVE-2022-39406 – Oracle PeopleSoft Enterprise Common Vulnerability
November 7, 2022Severity
Medium
Analysis Summary
CVE-2022-39420
Oracle Transportation Management could allow a remote authenticated attacker to bypass security restrictions, caused by an improper access control in the Security component. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to perform unauthorized update, insert or delete access to some of Oracle Transportation Management accessible data as well as unauthorized read access to a subset of Oracle Transportation Management accessible data.
Impact
Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-39420
Affected Vendors
Oracle
Affected Products
- Oracle Transportation Management 6.4.3
Remediation
Refer to Oracle Security Advisory for patch, upgrade or suggested workaround information.