Critical Patch Update (Doc ID 2355875.1)

Last updated on AUGUST 23, 2023

Applies to:

Oracle Communications Application Session Controller - Version S-E3.7.0 and later
Information in this document applies to any platform.

Symptoms

=== Issue Clarification===

--What--
Product:
Oracle Communications Application Session Controller

Version:
S-E3.7.0

Error:
N/A

Issue;
Received a notice for a critical patch update for the following CVE.:

CVE-2013-2566 Oracle Communications Application Session Controller Security TLS Yes 5.9 Network High None None Un-
changed High None None 3.x

CVE-2013-2566 Vulnerability in the Oracle Communications Application Session Controller component of Oracle Communications Applications (subcomponent: Security). The supported version that is affected is 3.x. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Communications Application Session Controller. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Communications Application Session Controller accessible data.

--Where--
Environment:
Production

Platform:
Acme Packet OS

Changes

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Critical Patch Update (Doc ID 2355875.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!