How severe is CVE-2019-2438?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.9 out of 10.

What type of vulnerability is CVE-2019-2438?

This is classified as NVD-CWE-Other, which is a common weakness in software security.

CVE-2019-2438 - MEDIUM Severity | CVSS 6.9

Vulnerability Description

Vulnerability in the Oracle Web Cache component of Oracle Fusion Middleware (subcomponent: ESI/Partial Page Caching). The supported version that is affected is 11.1.1.9.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Cache. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Web Cache, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Web Cache accessible data as well as unauthorized update, insert or delete access to some of Oracle Web Cache accessible data. CVSS 3.0 Base Score 6.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N).

Related Vulnerabilities

CVE-2016-3447

MEDIUM

CVSS:6.9(Medium)

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity v...

NVD-CWE-Other2016

CVE-2017-10058

MEDIUM

CVSS:6.9(Medium)

Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Administration). Supported versions that are affected are 11.1.1...

NVD-CWE-Other2017

CVE-2017-10370

MEDIUM

CVSS:6.9(Medium)

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are affected are 4.2.0 and 4.2.1. Easily exploitable vul...

NVD-CWE-Other2017

CVE-2018-2988

MEDIUM

CVSS:6.9(Medium)

Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: Products). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and...

NVD-CWE-Other2018

CVE-2018-3238

MEDIUM

CVSS:6.9(Medium)

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). The supported version that is affected is 11.1.1.8.0. Easily exploitable vulnerability al...

NVD-CWE-Other2018

CVE-2019-20649

MEDIUM

CVSS:6.9(Medium)

NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.

NVD-CWE-Other2019