CVE-2018-3007 is a vulnerability in Oracle Tuxedo
Published on July 18, 2018
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 12.1.1, 12.1.3 and 12.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via Jolt to compromise Oracle Tuxedo. While the vulnerability is in Oracle Tuxedo, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Tuxedo accessible data. CVSS 3.0 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).
Products Associated with CVE-2018-3007
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-3007 are published in Oracle Tuxedo:
Affected Versions
Oracle Corporation Tuxedo:- Version 12.1.1 is affected.
- Version 12.1.3 is affected.
- Version 12.2.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.