{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T20:19:03.737","vulnerabilities":[{"cve":{"id":"CVE-2020-14756","sourceIdentifier":"secalert_us@oracle.com","published":"2021-01-20T15:15:39.330","lastModified":"2024-11-21T05:04:04.680","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)."},{"lang":"es","value":"Vulnerabilidad en el producto Oracle Coherence de Oracle Fusion Middleware (componente: Core Components). Las versiones compatibles que están afectadas son 3.7.1.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 y 14.1.1.0.0. Una vulnerabilidad explotable fácilmente permite a un atacante no autenticado con acceso de red por medio de IIOP, T3 comprometer a Oracle Coherence. Los ataques con éxito de esta vulnerabilidad pueden resultar en la toma de control de Oracle Coherence. CVSS 3.1 Puntuación Base 9.8 (Impactos de la Confidencialidad, Integridad y Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)"}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","baseScore":7.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:coherence:3.7.1.0:*:*:*:*:*:*:*","matchCriteriaId":"06EF2E5D-265E-44FE-9F99-7C5AC7B2C0FC"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:coherence:12.1.3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5E3D6BC7-B12D-44A9-84F1-7B97F848B97A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:coherence:12.2.1.3.0:*:*:*:*:*:*:*","matchCriteriaId":"956B2712-8FB5-4FBF-A7FF-8930C05677FA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:coherence:12.2.1.4.0:*:*:*:*:*:*:*","matchCriteriaId":"2FF57C7A-92C9-4D71-A7B1-CC9DEFAA8193"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:coherence:14.1.1.0.0:*:*:*:*:*:*:*","matchCriteriaId":"5FA64A1D-34F9-4441-857A-25C165E6DBB6"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:utilities_framework:*:*:*:*:*:*:*:*","versionStartIncluding":"4.3.0.1.0","versionEndIncluding":"4.3.0.6.0","matchCriteriaId":"51309958-121D-4649-AB9A-EBFA3A49F7CB"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:utilities_framework:4.2.0.2.0:*:*:*:*:*:*:*","matchCriteriaId":"5435B365-BFF3-4A9E-B45C-42D8F1E20FB7"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:utilities_framework:4.2.0.3.0:*:*:*:*:*:*:*","matchCriteriaId":"1FAC3840-2CF8-44CE-81BB-EEEBDA00A34A"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:utilities_framework:4.4.0.0.0:*:*:*:*:*:*:*","matchCriteriaId":"3F906F04-39E4-4BE4-8A73-9D058AAADB43"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:utilities_framework:4.4.0.2.0:*:*:*:*:*:*:*","matchCriteriaId":"7B393A82-476A-4270-A903-38ED4169E431"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:utilities_framework:4.4.0.3.0:*:*:*:*:*:*:*","matchCriteriaId":"85CAE52B-C2CA-4C6B-A0B7-2B9D6F0499E2"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujan2021.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujan2021.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujan2022.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}