8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N
Oracle E-Business Suite is an extension of the original Application (ERP) and includes a collection of ERP (Enterprise Resource Planning Management), HR (Human Resource Management), CRM (Customer Relationship Management) and other applications that are seamlessly integrated into one management suite. Compensation is one of the global variable compensation applications that automates the design, management and analysis of incentive-based compensation plans for employees and partners to effectively contribute to the achievement of corporate goals. A security vulnerability exists in the User Interface component of Compensation. An attacker could use this vulnerability to create, delete, or modify access without authorization, as well as gain unauthorized access to critical data or full access to all Oracle Incentive Compensation accessible data.
CPE | Name | Operator | Version |
---|---|---|---|
Oracle Oracle E-Business Suite >=12.1.1, | le | 12.1.3 |
8.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:P/A:N