Summaryinfo

A vulnerability was found in Oracle Communications Element Manager 8.2.0/8.2.1/8.2.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2020-5408. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component. VulDB is the best source for vulnerability data and more expert information about this specific topic.

Detailsinfo

A vulnerability was found in Oracle Communications Element Manager 8.2.0/8.2.1/8.2.2 (Cloud Software). It has been classified as critical. Affected is some unknown processing. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality.

The weakness was published 10/20/2020 as Oracle Critical Patch Update Advisory - October 2020. The advisory is available at oracle.com. This vulnerability is traded as CVE-2020-5408. The exploitability is told to be easy. It is possible to launch the attack remotely. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1592 by the MITRE ATT&CK project.

Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Productinfo

Type

• Cloud Software

Vendor

• Oracle

Name

• Communications Element Manager

Version

• 8.2.0
• 8.2.1
• 8.2.2

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion