Lucene search
OracleCVELIST:CVE-2017-3556HistoryApr 24, 2017 - 7:00 p.m.
CVE-2017-3556
2017-04-2419:00:00
oracle
www.cve.org
4
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: File Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Application Object Library accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
CNA Affected
[
{
"product": "Application Object Library",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "12.1.3"
},
{
"status": "affected",
"version": "12.2.3"
},
{
"status": "affected",
"version": "12.2.4"
},
{
"status": "affected",
"version": "12.2.5"
},
{
"status": "affected",
"version": "12.2.6"
}
]
}
]Related
nvd
nvd
CVE-2017-3556
2017-04-24 19:59:04
erpscan
erpscan
AUTH BYPASS For File Downloading - Oracle E-Business Suite
2016-12-23 00:00:00
prion
prion
Design/Logic Flaw
2017-04-24 19:59:00
cve
cve
CVE-2017-3556
2017-04-24 19:59:04
nessus
nessus
Oracle E-Business Multiple Vulnerabilities (April 2017 CPU)
2017-04-19 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00