Rewterz Threat Advisory – Multiple Oracle Fusion Middleware Vulnerabilities
January 19, 2023Rewterz Threat Advisory – CVE-2023-21850 – Oracle Supply Chain Vulnerability
January 19, 2023Rewterz Threat Advisory – Multiple Oracle Fusion Middleware Vulnerabilities
January 19, 2023Rewterz Threat Advisory – CVE-2023-21850 – Oracle Supply Chain Vulnerability
January 19, 2023Severity
Medium
Analysis Summary
CVE-2023-21888
An unspecified vulnerability in Oracle Construction and Engineering related to the WebUI component could allow a remote authenticated attacker to bypass security restrictions resulting in a low confidentiality and integrity impacts using unknown attack vectors.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-21888
Affected Vendors
Oracle
Affected Products
- Oracle Construction and Engineering 18.8.0
- Oracle Construction and Engineering 18.8.15
- Oracle Construction and Engineering 19.12.0
- Oracle Construction and Engineering 19.12.15
- Oracle Construction and Engineering 20.12.0
- Oracle Construction and Engineering 20.12.10
- Oracle Construction and Engineering 21.12.0
- Oracle Construction and Engineering 21.12.8
Remediation
Refer to Oracle Critical Patch Update Advisory for patch, upgrade or suggested workaround information.