Oracle Communications Order and Service Management Unauthenticated Data Exposure Vulnerability

Vulnerability

A vulnerability exists in Oracle Communications Order and Service Management versions 7.4.0, 7.4.1, and 7.5.0, within the Security component. This easily exploitable vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the application. Successful exploitation can lead to unauthorized read access to certain accessible data within Oracle Communications Order and Service Management.

Impact

Exploitation of this vulnerability could result in unauthorized access to a subset of data within Oracle Communications Order and Service Management.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

0.6

exploitability

7.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

0.6

exploitability

7.0

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle Communications Order and Service Management Unauthenticated Data Exposure Vulnerability

Vulnerability

Impact

Affected Products

Oracle Communications Order and Service Management

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating