274 matches found
CVE-2020-2662
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Others. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport...
CVE-2020-2815
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Profile. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks requi...
CVE-2020-2855
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Admin. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require...
The vulnerability of the Internal Operations sub-component of the Oracle iSupport component in the Oracle E-Business Suite automation system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the Internal Operations sub-component of the Oracle iSupport component in the Oracle E-Business Suite exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker, operating remotely, to gain access to read, modify, add, or delete data...
Vulnerabilities fixed in Oracle E-Business Suite
Oracle has fixed vulnerabilities in E-Business suite and components. A malicious party could exploit the vulnerabilities to perform attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle...
CVE-2024-20944
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSupport. Successful...
CVE-2024-20944
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSupport. Successful...
Design/Logic Flaw
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSupport. Successful...
CVE-2024-20944
CVE-2024-20944 affects Oracle E-Business Suite, specifically the Oracle iSupport component within the Internal Operations area. Affected are versions 12.2.3–12.2.13 . The vulnerability is exploitable over the network via HTTP by a user with low privileges, and requires user interaction. Successfu...
PT-2024-1235 · Oracle · Oracle Isupport
Name of the Vulnerable Software and Affected Versions: Oracle iSupport versions 12.2.3 through 12.2.13 Description: The issue exists due to insufficient input validation in the Internal Operations component of Oracle iSupport, part of the Oracle E-Business Suite. This allows a remote attacker to...
Oracle E-Business Suite Security Vulnerability
Oracle E-Business Suite E-Business Suite is a set of fully integrated global business management software from Oracle USA. The software provides customer relationship management, service management, financial management, and other capabilities. iSupport is one of the Internet-based customer suppo...
The vulnerability of the User Responsibilities component in the Oracle iSupport web application allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.
The vulnerability of the User Responsibilities component in the Oracle iSupport web application exists due to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information or to modify, add, or...
The vulnerability of the Shopping Cart component in the Oracle iSupport web application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.
The vulnerability of the Shopping Cart component in the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delete...
The vulnerability of the Profile component in the Oracle iSupport web application allows a perpetrator to gain unauthorized access to protected information or to have read, add, or delete privileges over that data.
The vulnerability of the Profile component in the Oracle iSupport web application is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information or to have read, add, or delete data usin...
CVE-2021-2097
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Profile. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport...
CVE-2021-2097
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Profile. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport...
CVE-2021-2083
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: User Responsibilities. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
CVE-2021-2083
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: User Responsibilities. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Profile. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport...
Design/Logic Flaw
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: User Responsibilities. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...