CVE-2019-2572
First published: Tue Apr 23 2019(Updated: )
Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer). The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle SOA Suite accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle SOA Suite | =11.1.1.9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-2572?
CVE-2019-2572 is a vulnerability found in the Oracle SOA Suite component of Oracle Fusion Middleware (subcomponent: Fabric Layer).
What is the severity of CVE-2019-2572?
CVE-2019-2572 has a severity value of 5.3, which is considered medium.
How does CVE-2019-2572 affect Oracle SOA Suite?
CVE-2019-2572 allows an unauthenticated attacker with network access via HTTP to compromise Oracle SOA Suite.
Which version of Oracle SOA Suite is affected by CVE-2019-2572?
CVE-2019-2572 affects Oracle SOA Suite version 11.1.1.9.0.
Is CVE-2019-2572 easy to exploit?
Yes, CVE-2019-2572 is an easily exploitable vulnerability.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/event
- agent/type
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle soa suite
- version/oracle soa suite/11.1.1.9.0