2 matches found
CVE-2018-3167
CVE-2018-3167 is described in the connected Nuclei template as a blind SSRF in the Oracle E-Business Suite Application Management Pack for the User Monitoring subcomponent. Affected versions are 12.1.3, 12.2.3–12.2.7. An attacker with network access via HTTP can read data from a subset of the E-B...
CVE-2017-10179
CVE-2017-10179 describes a vulnerability in the Oracle E-Business Suite "Application Management Pack" (AMP) for the User Monitoring subcomponent. Affected AMP versions are 12.1.0.4.0 and 13.1.1.1.0. The issue allows an unauthenticated, network-accessible attacker (via HTTP) to compromise AMP data...