Summaryinfo

A vulnerability labeled as problematic has been found in Oracle Communications Performance Intelligence Center Software up to 9.0.3/10.1.5. This vulnerability affects unknown code. Such manipulation leads to Remote Code Execution. This vulnerability is referenced as CVE-2015-2608. No exploit is available. The affected component should be upgraded.

Detailsinfo

A vulnerability was found in Oracle Communications Performance Intelligence Center Software up to 9.0.3/10.1.5 (Cloud Software) and classified as critical. Affected by this issue is an unknown part. The manipulation with an unknown input leads to a remote code execution vulnerability. Impacted is confidentiality, integrity, and availability.

The weakness was published 10/20/2015 as Oracle Critical Patch Update Advisory - October 2015 as confirmed advisory (Website). The advisory is shared for download at oracle.com. This vulnerability is handled as CVE-2015-2608 since 03/20/2015. The exploitation is known to be easy. The attack may be launched remotely. No form of authentication is required for exploitation. There are neither technical details nor an exploit publicly available.

Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Similar entries are available at VDB-78614, VDB-78643, VDB-78622 and VDB-78621. If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• Cloud Software

Vendor

• Oracle

Name

• Communications Performance Intelligence Center Software

Version

• 9.0.0
• 9.0.1
• 9.0.2
• 9.0.3
• 10.1.0
• 10.1.1
• 10.1.2
• 10.1.3
• 10.1.4
• 10.1.5

License

• commercial

Website

• Vendor: https://www.oracle.com

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion