First published: Tue Apr 18 2023(Updated: )
Vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications (component: Core). Supported versions that are affected are Prior to 6.3.1.3 and Prior to 7.0.0.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Health Sciences InForm executes to compromise Oracle Health Sciences InForm. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Health Sciences InForm accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Health Sciences InForm | <6.3.1.3 | |
Oracle Health Sciences InForm | =7.0.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-21926 is a vulnerability in the Oracle Health Sciences InForm product of Oracle Health Sciences Applications.
The affected software for CVE-2023-21926 is Oracle Health Sciences InForm versions prior to 6.3.1.3 and 7.0.0.0.
CVE-2023-21926 has a severity rating of 5.5 (medium).
Yes, CVE-2023-21926 is an easily exploitable vulnerability.
To fix CVE-2023-21926, Oracle Health Sciences InForm users should install the relevant security patches provided by Oracle.