Lucene search
+L

120 matches found

nvd
nvd
added 2022/01/19 12:15 p.m.19 views

CVE-2022-21255

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...

8.1CVSS0.01091EPSS
Exploits0References1
osv
osv
added 2022/01/19 12:15 p.m.6 views

CVE-2022-21255

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...

8.1CVSS7.3AI score0.01091EPSS
Exploits0References1
prion
prion
added 2022/01/19 12:15 p.m.21 views

Design/Logic Flaw

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...

5.5CVSS8AI score0.01091EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2022/01/19 11:22 a.m.14 views

CVE-2022-21255

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...

8.1CVSS6.9AI score0.01091EPSS
Exploits0References1
cve
cve
added 2022/01/19 11:22 a.m.103 views

CVE-2022-21255

CVE-2022-21255 affects Oracle E-Business Suite Configurator (UI Servlet). Affected versions are 12.2.3–12.2.11. The vulnerability allows a network-accessible, low-privilege attacker to exploit via HTTP to compromise data, enabling unauthorized creation/deletion/modification of Oracle Configurator...

8.1CVSS8.1AI score0.01091EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2022/01/19 11:22 a.m.34 views

CVE-2022-21255

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite component: UI Servlet. Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Configurator. Successful...

8.1CVSS7.8AI score0.01091EPSS
Exploits0References1
cnnvd
cnnvd
added 2022/01/19 12:0 a.m.4 views

Oracle E-Business Suite 安全漏洞

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's fully integrated set of global business management software. The software provides customer relationship management, service management, financial management, and other functionality.Trade Management is one of t...

8.1CVSS8AI score0.01091EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2021/02/05 12:0 a.m.9 views

The vulnerability of the UI Servlet component of the Oracle Configurator allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator exists due to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information or to modify, add, or delete data using...

8.5CVSS7.7AI score0.01255EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2021/02/02 12:0 a.m.6 views

The vulnerability of the UI Servlet component of the Oracle Configurator allows a perpetrator to gain unauthorized access to protected information or to read, modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to read, modify, add, or delete data using the...

8.2CVSS7.7AI score0.01255EPSS
Exploits0References2Affected Software1
bdu_fstec
bdu_fstec
added 2021/02/02 12:0 a.m.8 views

The vulnerability of the UI Servlet component of the Oracle Configurator allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the UI Servlet component of the Oracle Configurator exists due to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information or to modify, add, or delete data using...

8.5CVSS7.7AI score0.01255EPSS
Exploits0References3Affected Software1
osv
osv
added 2021/01/20 3:15 p.m.4 views

CVE-2021-2080

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS7.3AI score0.01255EPSS
Exploits0References1
osv
osv
added 2021/01/20 3:15 p.m.4 views

CVE-2021-2078

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS5.8AI score0.01255EPSS
Exploits0References1
osv
osv
added 2021/01/20 3:15 p.m.6 views

CVE-2021-2079

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS5.8AI score0.01255EPSS
Exploits0References1
nvd
nvd
added 2021/01/20 3:15 p.m.22 views

CVE-2021-2079

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS8AI score0.01255EPSS
Exploits0References1
nvd
nvd
added 2021/01/20 3:15 p.m.22 views

CVE-2021-2080

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS8AI score0.01255EPSS
Exploits0References1
nvd
nvd
added 2021/01/20 3:15 p.m.23 views

CVE-2021-2078

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS8AI score0.01255EPSS
Exploits0References1
prion
prion
added 2021/01/20 3:15 p.m.17 views

Buffer overflow

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

5.8CVSS8.3AI score0.01255EPSS
Exploits0References1Affected Software1
prion
prion
added 2021/01/20 3:15 p.m.11 views

Buffer overflow

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

5.8CVSS8.3AI score0.01255EPSS
Exploits0References1Affected Software1
prion
prion
added 2021/01/20 3:15 p.m.18 views

Buffer overflow

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

5.8CVSS8.3AI score0.01255EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2021/01/20 2:50 p.m.6 views

CVE-2021-2079

Vulnerability in the Oracle Configurator product of Oracle Supply Chain component: UI Servlet. Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attack...

8.2CVSS7.3AI score0.01255EPSS
Exploits0References1
Rows per page
Query Builder