Lucene search

K

[email protected]NVD:CVE-2014-2399

HistoryApr 16, 2014 - 1:55 a.m.

CVE-2014-2399

2014-04-1601:55:10

[email protected]

web.nvd.nist.gov

2

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

Low

EPSS

0.653

Percentile

97.9%

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.

Affected configurations

NVD

Node

oraclefusion_middlewareMatch2.2.2

References

packetstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.html

seclists.org/fulldisclosure/2014/Jun/123

www.exploit-db.com/exploits/33897

www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

www.securityfocus.com/archive/1/532556/100/0/threaded

www.securityfocus.com/bid/66864

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

Low

EPSS

0.653

Percentile

97.9%

Related for NVD:CVE-2014-2399

prion2 cvelist2 nvd1 cve2 securityvulns3 exploitpack1 packetstorm2 zdt1 exploitdb1 oracle1