Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-56435
HistoryJul 21, 2021 - 12:00 a.m.

Oracle E-Business Suite has an unspecified vulnerability (CNVD-2021-56435)

2021-07-2100:00:00
China National Vulnerability Database
www.cnvd.org.cn
5

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:C/A:N

0.001 Low

EPSS

Percentile

38.2%

Oracle E-Business Suite is an extension of the original Application (ERP) and includes a collection of ERP (Enterprise Resource Planning Management), HR (Human Resource Management), CRM (Customer Relationship Management) and other applications that are seamlessly integrated into one management suite. A security vulnerability exists in the E-signatures component of Oracle E-Records in Oracle E-Business Suite releases 12.1.1-12.1.3, 12.2.3-12.2.10. An attacker could exploit this vulnerability to allow a low privilege attacker to compromise Oracle E-Records via HTTP access to the network.

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

8.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:C/I:C/A:N

0.001 Low

EPSS

Percentile

38.2%

Related for CNVD-2021-56435