CVE-2020-14850

🗓️ 21 Oct 2020 14:04:28Reported by oracleType

Vulnerability in Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Flex Fields). Easily exploitable, allows unauthenticated attacker via HTTP network access to compromise Oracle CRM Technical Foundation. Successful attacks can result in unauthorized access to critical data or complete access to all Oracle CRM Technical Foundation accessible data as well as unauthorized update, insert or delete access to some data

Reporter	Title	Published	Views	Family All 11
CNVD	Oracle CRM Technical Foundation Unauthorized Access Vulnerability	22 Oct 202000:00	–	cnvd
Cvelist	CVE-2020-14850	21 Oct 202014:04	–	cvelist
EUVD	EUVD-2020-6986	7 Oct 202500:30	–	euvd
NCSC	Vulnerabilities fixed in Oracle E-Business Suite	21 Oct 202000:00	–	ncsc
NVD	CVE-2020-14850	21 Oct 202015:15	–	nvd
Oracle	Oracle Critical Patch Update Advisory - October 2020	20 Oct 202000:00	–	oracle
Tenable Nessus	Oracle Oracle E-Business Suite (Oct 2020 CPU)	22 Oct 202000:00	–	nessus
OSV	CVE-2020-14850	21 Oct 202015:15	–	osv
Prion	Design/Logic Flaw	21 Oct 202015:15	–	prion
RedhatCVE	CVE-2020-14850	5 Feb 202515:50	–	redhatcve

NVD

Vulners

Node

oracle customer_relationship_management_technical_foundationRange12.2.3–12.2.10

oracle customer_relationship_management_technical_foundationMatch12.1.3

[
  {
    "product": "CRM Technical Foundation",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "12.1.3"
      },
      {
        "status": "affected",
        "version": "12.2.3 - 12.2.10"
      }
    ]
  }
]

Source	Link
oracle	www.oracle.com/security-alerts/cpuoct2020.html

21 Nov 2024 05:04Current

8.3High risk

Vulners AI Score8.3

CVSS 27.8

CVSS 3.18.2

EPSS0.01113

SSVC