CVE-2014-2404

2014-04-1601:55:10

[email protected]

web.nvd.nist.gov

cve-2014-2404

oracle

access manager

fusion middleware

vulnerability

confidentiality

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

5.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.3%

JSON

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate.

Affected configurations

NVD

Node

oraclefusion_middlewareMatch10.1.4.3

oraclefusion_middlewareMatch11.1.1.3.0

oraclefusion_middlewareMatch11.1.1.5.0

oraclefusion_middlewareMatch11.1.1.7.0

oraclefusion_middlewareMatch11.1.2.0

oraclefusion_middlewareMatch11.1.2.1.0

oraclefusion_middlewareMatch11.1.2.2.0

CPENameOperatorVersion
oracle:fusion_middlewareoracle fusion middlewareeq10.1.4.3
oracle:fusion_middlewareoracle fusion middlewareeq11.1.1.3.0
oracle:fusion_middlewareoracle fusion middlewareeq11.1.1.5.0
oracle:fusion_middlewareoracle fusion middlewareeq11.1.1.7.0
oracle:fusion_middlewareoracle fusion middlewareeq11.1.2.0
oracle:fusion_middlewareoracle fusion middlewareeq11.1.2.1.0
oracle:fusion_middlewareoracle fusion middlewareeq11.1.2.2.0

CPE	Name	Operator	Version
oracle:fusion_middleware	oracle fusion middleware	eq	10.1.4.3
oracle:fusion_middleware	oracle fusion middleware	eq	11.1.1.3.0
oracle:fusion_middleware	oracle fusion middleware	eq	11.1.1.5.0
oracle:fusion_middleware	oracle fusion middleware	eq	11.1.1.7.0
oracle:fusion_middleware	oracle fusion middleware	eq	11.1.2.0
oracle:fusion_middleware	oracle fusion middleware	eq	11.1.2.1.0
oracle:fusion_middleware	oracle fusion middleware	eq	11.1.2.2.0