CVE-2015-2607

2015-07-1610:59:32

[email protected]

web.nvd.nist.gov

oracle

commerce

platform

vulnerability

remote attackers

confidentiality

nvd

cve-2015-2607

5.7 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

60.7%

JSON

Unspecified vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce Platform 3.0.2, 3.1.1, 3.1.2, 11.0, and 11.1 allows remote attackers to affect confidentiality via unknown vectors related to Content Acquisition System.

Affected configurations

NVD

Node

oraclecommerce_platformMatch3.0.2

oraclecommerce_platformMatch3.1.1

oraclecommerce_platformMatch3.1.2

oraclecommerce_platformMatch11.0

oraclecommerce_platformMatch11.1

CPENameOperatorVersion
oracle:commerce_platformoracle commerce platformeq3.0.2
oracle:commerce_platformoracle commerce platformeq3.1.1
oracle:commerce_platformoracle commerce platformeq3.1.2
oracle:commerce_platformoracle commerce platformeq11.0
oracle:commerce_platformoracle commerce platformeq11.1

CPE	Name	Operator	Version
oracle:commerce_platform	oracle commerce platform	eq	3.0.2
oracle:commerce_platform	oracle commerce platform	eq	3.1.1
oracle:commerce_platform	oracle commerce platform	eq	3.1.2
oracle:commerce_platform	oracle commerce platform	eq	11.0
oracle:commerce_platform	oracle commerce platform	eq	11.1