How severe is CVE-2022-21401?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.6 out of 10.

What type of vulnerability is CVE-2022-21401?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2022-21401

MEDIUM Year: 2022

CVSS v3 Score

6.6

Medium

CVSS v2 Score

6.5

Medium

Weakness Type

NVD-CWE-Other

View all →

Vulnerability Description

Vulnerability in the Oracle Communications Operations Monitor product of Oracle Communications (component: Mediation Engine). Supported versions that are affected are 3.4, 4.2, 4.3, 4.4 and 5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Operations Monitor. While the vulnerability is in Oracle Communications Operations Monitor, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Communications Operations Monitor accessible data as well as unauthorized read access to a subset of Oracle Communications Operations Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Communications Operations Monitor. CVSS 3.1 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L).

CVE-2016-3129

MEDIUM

CVSS:6.6(Medium)

A remote shell execution vulnerability in the BlackBerry Good Enterprise Mobility Server (GEMS) implementation of the Apache Karaf command shell in GEMS versions 2.1.5.3 to 2.2.22.25 allows remote att...

NVD-CWE-Other2016

CVE-2016-4525

MEDIUM

CVSS:6.6(Medium)

Unspecified ActiveX controls in Advantech WebAccess before 8.1_20160519 allow remote authenticated users to obtain sensitive information or modify data via unknown vectors, related to the INTERFACESAF...

NVD-CWE-Other2016

CVE-2017-3551

MEDIUM

CVSS:6.6(Medium)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Smartcard Libraries). The supported version that is affected is 11.3. Easily "exploitable" vulnerability allo...

NVD-CWE-Other2017

CVE-2017-3600

MEDIUM

CVSS:6.6(Medium)

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Di...

NVD-CWE-Other2017

CVE-2017-7273

MEDIUM

CVSS:6.6(Medium)

The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possibl...

NVD-CWE-Other2017

CVE-2018-2717

MEDIUM

CVSS:6.6(Medium)

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allow...

NVD-CWE-Other2018

CVE-2022-21401

Vulnerability Description

Related Vulnerabilities

CVE-2016-3129

CVE-2016-4525

CVE-2017-3551

CVE-2017-3600

CVE-2017-7273

CVE-2018-2717