2 matches found
CVE-2014-5880 - Authentication Bypass in Oracle Demantra
Vulnerability title: Authentication Bypass in Oracle Demantra CVE: CVE-2014-5880 Vendor: Oracle Product: Demantra Affected version: 12.2.1 Fixed version: 12.2.3 Reported by: Oliver Gruskovnjak Details: The authentication filter in Oracle Demantra is broken by design. For example the page:...
CVE-2014-5880
CVE-2014-5880 is a duplicate of CVE-2013-5880. Oracle Demantra 12.2.1 includes an authentication bypass: the loginCheck.jsp whitelisted URL can be accessed unauthenticated to reach restricted pages. A fix exists in 12.2.3. Public details cite Portcullis advisories and the associated CVE-2013-5880...