Lucene search

OracleCVELIST:CVE-2020-14731

HistoryOct 21, 2020 - 2:04 p.m.

CVE-2020-14731

2020-10-2114:04:23

oracle

www.cve.org

cve-2020-14731

oracle retail applications

segment

vulnerability

network access

http

unauthorized access

data compromise

cvss 3.1

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

3.5

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Segment). Supported versions that are affected are 18.0 and 19.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Retail Customer Management and Segmentation Foundation accessible data. CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).

CNA Affected

[
  {
    "product": "Retail Customer Management and Segmentation Foundation",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "18.0"
      },
      {
        "status": "affected",
        "version": "19.0"
      }
    ]
  }
]

References

www.oracle.com/security-alerts/cpuoct2020.html

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

AI Score

3.5

Confidence

High

EPSS

0.001

Percentile

22.7%

JSON

Related for CVELIST:CVE-2020-14731