Vulnerabilities fixed in Oracle E-Business Suite

🗓️ 17 Jul 2024 13:53:22Reported by NCSCType

Oracle E-Business Suite vulnerabilities fixed; attackers could access data and manipulate data; updates are available.

Reporter	Title	Published	Views	Family All 90
BDU FSTEC	The vulnerability of the APIs of the Oracle Application Object Library component of the Oracle E-Business Suite, a system for automating business activities in enterprises, allows attackers to gain access to modify, add, or delete data.	22 Jul 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Approvals component of the Oracle Purchasing software, which handles purchase orders, allows a hacker to gain read, modify, add, or delete access to data.	23 Jul 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the User Management component of the Oracle iStore system, which is used for creating, managing, and personalizing online stores. This vulnerability exists in the Oracle E-Business Suite, a business automation system that allows attackers to gain unauthorized access to protected information.	14 Aug 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Work Definition component in the Oracle Enterprise Asset Management application for enterprise asset management systems within the Oracle E-Business Suite allows a malicious actor to gain unauthorized access to read, modify, or delete data.	14 Aug 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Allocation Rules component in the financial management tool of the Oracle Process Manufacturing Financials system, a part of the Oracle E-Business Suite. This vulnerability allows an intruder to gain unauthorized access to read, modify, or delete data.	16 Aug 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Personalization component of the Oracle Applications Framework, a web application development platform, within the Oracle E-Business Suite, allows an intruder to gain unauthorized access to read, modify, or delete data.	16 Aug 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the GL Accounts component of the Oracle Trade Management software, a part of the Oracle E-Business Suite, allows an attacker to gain unauthorized access to read, modify, or delete data.	16 Aug 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Quality Management Specs component in the Oracle Process Manufacturing (OPM) application for process management systems in the Oracle E-Business Suite allows a malicious individual to gain unauthorized access to read, modify, or delete data.	16 Aug 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Partners component of Oracle Marketing’s marketing platform, a part of the Oracle E-Business Suite, which allows an attacker to gain unauthorized access to read, add, modify, or delete data.	6 Nov 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Party Search UI component of the software for working with customers in Oracle Trading Community, a business automation system from Oracle E-Business Suite, allows a malicious individual to gain unauthorized access to read, create, modify, or delete data.	8 Nov 202400:00	–	bdu_fstec

Vulners

Node

oracle application_testing_suiteMatch13.3.0.1

oracle communications_cloud_native_core_automated_test_suiteMatch23.1.0

oracle communications_cloud_native_core_automated_test_suiteMatch23.4.0

oracle process_manufacturing_product_developmentMatch12.2.13

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21128
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21132
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21143
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21146
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21148
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21149
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21152
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21153
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21167
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-21169

17 Jul 2024 13:53Current

8.4High risk

Vulners AI Score8.4

CVSS 3.18.1

EPSS0.00952

SSVC