Main Vulnerability Database Vulnerabilities #VU55164

Improper input validation in Oracle Communications Cloud Native Core Network Slice Selection Function - CVE-2020-29582

Published: July 21, 2021

Vulnerability identifier: #VU55164

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2020-29582

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Communications Cloud Native Core Network Slice Selection Function

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Signaling (Calico) component in Oracle Communications Cloud Native Core Network Slice Selection Function. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.

How to mitigate CVE-2020-29582

Install updates from vendor's website.

Sources

https://www.oracle.com/security-alerts/cpujul2021.html

Improper input validation in Oracle Communications Cloud Native Core Network Slice Selection Function - CVE-2020-29582

Detailed vulnerability description

How to mitigate CVE-2020-29582

Sources

Please verify you're human