Lucene search

[email protected]CVE-2014-2400

HistoryApr 16, 2014 - 1:55 a.m.

CVE-2014-2400

2014-04-1601:55:10

[email protected]

web.nvd.nist.gov

oracle

endeca server

fusion middleware

cve-2014-2400

nvd

information discovery

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

Low

0.639 Medium

EPSS

Percentile

97.9%

JSON

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2399.

Affected configurations

NVD

Node

oraclefusion_middlewareMatch2.2.2

CPENameOperatorVersion
oracle:fusion_middlewareoracle fusion middlewareeq2.2.2

CPE	Name	Operator	Version
oracle:fusion_middleware	oracle fusion middleware	eq	2.2.2

References

packetstormsecurity.com/files/127223/Endeca-Latitude-2.2.2-Cross-Site-Scripting.html

seclists.org/fulldisclosure/2014/Jun/124

www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

www.securityfocus.com/archive/1/532557/100/0/threaded

www.securityfocus.com/bid/66857

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.7 Medium

AI Score

Confidence

Low

0.639 Medium

EPSS

Percentile

97.9%

JSON

Related for CVE-2014-2400

prion2 cve1 nvd2 cvelist2 securityvulns3 packetstorm2 zdt1 exploitpack1 exploitdb1 oracle1