China National Vulnerability DatabaseCNVD-2022-70079Oracle E-Business Suite Access Control Error Vulnerability
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
Oracle Corporation (Oracle) is the world’s largest provider of information management software and services, founded in 1977, headquartered in Redwood shore, California, United States, open to the world oracle certification. Oracle E-Business Suite (E-Business Suite) is the United States Oracle (Oracle) a fully integrated set of Oracle E-Business Suite is a fully integrated suite of global business management software from Oracle. Oracle E-Business Suite (Component: Manage Proxies) version 12.2 contains an access control error vulnerability. The vulnerability can be exploited by attackers to gain network access via HTTP, resulting in unauthorized access to critical data or full access to all Oracle E-Business Suite accessible data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| oracle e-business suite | eq | 12.2 |
Related
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N