{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T23:13:23.563","vulnerabilities":[{"cve":{"id":"CVE-2023-21824","sourceIdentifier":"secalert_us@oracle.com","published":"2023-01-18T00:15:12.443","lastModified":"2024-11-21T07:43:43.517","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager).  Supported versions that are affected are 12.0.0.3.0-12.0.0.7.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Communications BRM - Elastic Charging Engine executes to compromise Oracle Communications BRM - Elastic Charging Engine.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Communications BRM - Elastic Charging Engine accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)."},{"lang":"es","value":"Vulnerabilidad en Oracle Communications BRM - Producto Elastic Charging Engine de Oracle Communications Applications (componente: Cliente, Configuración, Pricing Manager). Las versiones compatibles que se ven afectadas son 12.0.0.3.0-12.0.0.7.0. Una vulnerabilidad fácilmente explotable permite a un atacante con altos privilegios iniciar sesión en la infraestructura donde se ejecuta Oracle Communications BRM - Elastic Charging Engine para comprometer Oracle Communications BRM - Elastic Charging Engine. Los ataques exitosos de esta vulnerabilidad pueden resultar en un acceso no autorizado a datos críticos o un acceso completo a todos los datos accesibles de Oracle Communications BRM - Elastic Charging Engine. CVSS 3.1 Puntaje base 4.4 (Impactos en la confidencialidad). Vector CVSS: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","baseScore":4.4,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":0.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_billing_and_revenue_management_elastic_charging_engine:*:*:*:*:*:*:*:*","versionStartIncluding":"12.0.0.3.0","versionEndIncluding":"12.0.0.7.0","matchCriteriaId":"42B900E7-C5D2-48F7-BAA5-F13AC6978AF8"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_binding_support_function:22.3.0:*:*:*:*:*:*:*","matchCriteriaId":"08C91A8B-640D-4516-9E72-F571900B52DA"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:communications_cloud_native_core_policy:22.3.0:*:*:*:*:*:*:*","matchCriteriaId":"82091D5D-B9C0-460E-952E-A4E3BFB4369C"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpujan2023.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpujan2023.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}