{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T14:17:38.604","vulnerabilities":[{"cve":{"id":"CVE-2023-22127","sourceIdentifier":"secalert_us@oracle.com","published":"2023-10-17T22:15:16.750","lastModified":"2024-11-21T07:44:21.160","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK).   The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Outside In Technology.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data as well as  unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)."},{"lang":"es","value":"Vulnerabilidad en el producto Oracle Outside In Technology de Oracle Fusion Middleware (componente: SDK de acceso a contenido, SDK de exportación de imágenes, SDK de exportación de PDF, SDK de exportación HTML). La versión compatible afectada es la 8.5.6. Una vulnerabilidad fácilmente explotable permite a un atacante con pocos privilegios y acceso a la red a través de HTTP comprometer la tecnología Oracle Outside In. Los ataques exitosos de esta vulnerabilidad pueden dar como resultado una actualización, inserción o eliminación no autorizada del acceso a algunos de los datos accesibles de Oracle Outside In Technology, así como acceso de lectura no autorizado a un subconjunto de datos accesibles de Oracle Outside In Technology y la capacidad no autorizada de causar una denegación parcial de servicio. (DOS parcial) de Oracle Outside In Technology. CVSS 3.1 Puntuación base 6.3 (impactos en la confidencialidad, la integridad y la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)."}],"metrics":{"cvssMetricV31":[{"source":"secalert_us@oracle.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","baseScore":6.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":3.4}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:outside_in_technology:8.5.6:*:*:*:*:*:*:*","matchCriteriaId":"76D6D900-3178-4FB2-980C-5E806933F059"}]}]}],"references":[{"url":"https://www.oracle.com/security-alerts/cpuoct2023.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"https://www.oracle.com/security-alerts/cpuoct2023.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}