中文描述:

Oracle Health Sciences Applications是美国甲骨文（Oracle）公司的一套用于医疗保健行业的临床研发解决方案。 Oracle Health Sciences Applications 的 Oracle Argus Safety 组件中存在授权问题漏洞，该漏洞允许未经身份验证的攻击者过HTTP进行网络访问，从而危及Oracle Argus的安全性。以下产品及版本受到影响：Oracle Argus Safety--Case Form, Local Affiliate Form--8.2.2。

英文描述:

Vulnerability in the Oracle Argus Safety product of Oracle Health Sciences Applications (component: Case Form, Local Affiliate Form). The supported version that is affected is 8.2.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Argus Safety. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Argus Safety, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Argus Safety accessible data as well as unauthorized read access to a subset of Oracle Argus Safety accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CWE类型:

标签:

中文解决方案:

英文解决方案:

临时解决方案:

发布时间:

修改时间:

创建时间:

更新时间:

当前版本: v3

主要语言: EN

支持语言: