CVE-2020-14705

Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management). The supported version that is affected is Prior to 19.1.0.0.0. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle GoldenGate executes to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. CVSS 3.1 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).

Published: Jul 15, 2020
Updated: Apr 13, 2023
CVE: CVE-2020-14705
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.6
AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CVSS v2:

Severity: Medium
Score: 5.8
AV:A/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / goldengate	-	19.1.0.0.0

https://www.oracle.com/security-alerts/cpujul2020.html

Vulnerability Database

289,599

CVE-2020-14705