Oracle Communications Diameter Signaling Router up to 8.2.2 IDIH information disclosure

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in Oracle Communications Diameter Signaling Router up to 8.2.2 (Cloud Software) and classified as critical. This vulnerability affects an unknown code of the component IDIH. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field11/21/2020 07:34 AM11/22/2020 05:30 PM11/22/2020 05:32 PM
vendorOracleOracleOracle
nameCommunications Diameter Signaling RouterCommunications Diameter Signaling RouterCommunications Diameter Signaling Router
cveCVE-2020-1945CVE-2020-1945CVE-2020-1945
componentIDIHIDIHIDIH
risk222
cvss3_vuldb_avLLL
cvss3_vuldb_acHHH
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cHHH
cvss3_vuldb_iHHH
cvss3_vuldb_aNNN
cvss3_vuldb_rlOOO
cvss3_vuldb_rcCCC
version<=8.2.2<=8.2.2<=8.2.2
urlhttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.htmlhttps://www.oracle.com/security-alerts/cpuoct2020.html
date160314480016031448001603144800
identifierOracle Critical Patch Update Advisory - October 2020Oracle Critical Patch Update Advisory - October 2020Oracle Critical Patch Update Advisory - October 2020
nameUpgradeUpgradeUpgrade
date160314480016031448001603144800
typeCloud SoftwareCloud SoftwareCloud Software
cvss2_vuldb_avLLL
cvss2_vuldb_acHHH
cvss2_vuldb_auNNN
cvss2_vuldb_ciCCC
cvss2_vuldb_iiCCC
cvss2_vuldb_aiNNN
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss2_vuldb_basescore5.65.65.6
cvss2_vuldb_tempscore4.94.94.9
cvss3_vuldb_basescore6.76.76.7
cvss3_vuldb_tempscore6.46.46.4
cvss3_meta_basescore6.56.56.5
cvss3_meta_tempscore6.26.26.2
price_0day$5k-$25k$5k-$25k$5k-$25k
cvss2_nvd_basescore3.33.33.3
cvss3_nvd_basescore6.36.36.3
cve_assigned15752412001575241200
cve_nvd_summaryApache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process.
cwe200
cvss3_nvd_avL
cvss3_nvd_acH
cvss3_nvd_prL
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aN
cvss2_nvd_avL
cvss2_nvd_acM
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiN

Do you want to use VulDB in your project?

Use the official API to access entries easily!