Fusion Middleware Security Vulnerabilities and Issues — Fusion Middleware CVE List

Lucene search

OracleFusion Middleware

57 matches found

CVE•added 2014/07/17 5:10 a.m.•655 views

CVE-2014-4210

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services.

5CVSS8.2AI score0.94205EPSS

CVE•added 2014/07/17 5:10 a.m.•78 views

CVE-2014-2480

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-2481.

6.8CVSS8.6AI score0.01017EPSS

CVE•added 2014/07/17 11:17 a.m.•61 views

CVE-2014-4241

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services.

4.3CVSS5.8AI score0.00912EPSS

CVE•added 2014/07/17 11:17 a.m.•57 views

CVE-2014-4267

6.8CVSS8.2AI score0.02707EPSS

CVE•added 2014/01/15 4:8 p.m.•56 views

CVE-2014-0400

Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 11.1.1.6 and 11.1.1.7 allows remote authenticated users to affect confidentiality via vectors related to OID LDAP server.

6.3CVSS5.2AI score0.00607EPSS

CVE•added 2014/04/16 2:55 a.m.•56 views

CVE-2014-2424

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

4CVSS5.3AI score0.7776EPSS

CVE•added 2014/07/17 11:17 a.m.•56 views

CVE-2014-4256

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality and integrity via vectors related to WLS - Deployment.

5.8CVSS7.9AI score0.00494EPSS

CVE•added 2014/07/17 5:10 a.m.•55 views

CVE-2014-2479

6.8CVSS8.2AI score0.01017EPSS

CVE•added 2014/07/17 11:17 a.m.•55 views

CVE-2014-4254

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS - Web Services.

6.8CVSS8.2AI score0.02707EPSS

CVE•added 2014/04/16 1:55 a.m.•53 views

CVE-2014-2407

Unspecified vulnerability in the Oracle Data Integrator component in Oracle Fusion Middleware 11.1.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Data Quality, a different vulnerability than CVE-2014-2415, CVE-2014-2416, CVE-2014-...

5CVSS5.7AI score0.00705EPSS

CVE•added 2014/07/17 5:10 a.m.•53 views

CVE-2014-2481

6.8CVSS8.6AI score0.01017EPSS

CVE•added 2014/07/17 11:17 a.m.•53 views

CVE-2014-4253

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WebLogic Server JVM.

5CVSS8.2AI score0.04029EPSS

CVE•added 2014/07/17 11:17 a.m.•52 views

CVE-2014-4255

6.8CVSS8.2AI score0.02707EPSS

CVE•added 2014/04/16 2:55 a.m.•51 views

CVE-2014-2470

7.5CVSS8.2AI score0.01254EPSS

CVE•added 2014/10/15 10:55 p.m.•50 views

CVE-2014-6499

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to WebLogic Tuxedo Connector.

6.8CVSS6AI score0.0059EPSS

CVE•added 2014/07/17 5:10 a.m.•49 views

CVE-2014-4222

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect confidentiality via vectors related to plugin 1.1.

2.1CVSS5.3AI score0.005EPSS

CVE•added 2014/07/17 11:17 a.m.•49 views

CVE-2014-4242

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Console.

4.3CVSS8.1AI score0.00494EPSS

CVE•added 2014/04/16 1:55 a.m.•48 views

CVE-2014-2404

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, and 11.1.2.2.0 allows remote authenticated users to affect confidentiality via unknown vectors related to WebGate.

4CVSS5.2AI score0.00219EPSS

CVE•added 2014/07/17 5:10 a.m.•48 views

CVE-2014-4201

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.1.0, and 12.1.2.0 allows remote attackers to affect availability via vectors related to WLS - Web Services.

5CVSS8.2AI score0.04029EPSS

CVE•added 2014/07/17 5:10 a.m.•48 views

CVE-2014-4217

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, and 12.1.1.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services.

4.3CVSS8.1AI score0.00494EPSS

CVE•added 2014/10/15 10:55 p.m.•48 views

CVE-2014-6534

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0, and 12.1.3.0 allows remote authenticated users to affect integrity via vectors related to WLS Console.

4CVSS5.4AI score0.00188EPSS

CVE•added 2014/07/17 5:10 a.m.•47 views

CVE-2014-4202

5CVSS8.2AI score0.04029EPSS

CVE•added 2014/01/15 4:8 p.m.•46 views

CVE-2014-0391

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service.

5CVSS5.7AI score0.00754EPSS

CVE•added 2014/07/17 11:17 a.m.•45 views

CVE-2014-4249

Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Mobile Service.

5CVSS5.7AI score0.0061EPSS

CVE•added 2014/04/16 2:55 a.m.•44 views

CVE-2014-2417

5CVSS5.7AI score0.00705EPSS

CVE•added 2014/10/15 10:55 p.m.•44 views

CVE-2014-6553

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 and 11.1.1.7 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Admin Console.

6.4CVSS5.7AI score0.00351EPSS

CVE•added 2014/04/16 12:55 a.m.•43 views

CVE-2014-0426

Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5 allows remote attackers to affect integrity via vectors related to HTTP Request Handling, a different vulnerability than CVE-2014-0413.

4.3CVSS5.9AI score0.00442EPSS

CVE•added 2014/07/17 11:17 a.m.•43 views

CVE-2014-4251

Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.7.0 and 12.1.2.0 allows remote authenticated users to affect integrity via vectors related to plugin 1.1.

3.5CVSS5.4AI score0.00581EPSS

CVE•added 2014/04/16 2:55 a.m.•42 views

CVE-2014-2452

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5 allows remote authenticated users to affect availability via unknown vectors related to Webserver Plugin.

4CVSS5.5AI score0.00501EPSS

CVE•added 2014/04/16 12:55 a.m.•41 views

CVE-2014-0413

4.3CVSS5.9AI score0.00442EPSS

CVE•added 2014/04/16 1:55 a.m.•41 views

CVE-2014-2399

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.

4.3CVSS5.7AI score0.30466EPSS

CVE•added 2014/04/16 2:55 a.m.•41 views

CVE-2014-2426

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity and availability via unknown vectors related to Admin Console.

4.9CVSS5.3AI score0.00322EPSS

CVE•added 2014/10/15 3:55 p.m.•41 views

CVE-2014-6462

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.1 and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console.

4.3CVSS5.9AI score0.00351EPSS

CVE•added 2014/10/15 10:55 p.m.•41 views

CVE-2014-6522

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7, 11.1.2.4, 12.1.2.0, and 12.1.3.0 allows remote attackers to affect integrity via vectors related to ADF Faces.

4.3CVSS5.9AI score0.00311EPSS

CVE•added 2014/01/15 4:8 p.m.•40 views

CVE-2013-5900

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect integrity via unknown vectors related to End User Self Service.

4.3CVSS5.9AI score0.00561EPSS

CVE•added 2014/04/16 1:55 a.m.•40 views

CVE-2014-2400

4.3CVSS5.7AI score0.30466EPSS

CVE•added 2014/07/17 5:10 a.m.•40 views

CVE-2014-2493

Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.2.4.0, and 12.1.2.0.0 allows remote attackers to affect confidentiality and availability via vectors related to ADF Faces.

6.4CVSS5.8AI score0.00897EPSS

CVE•added 2014/10/15 10:55 p.m.•40 views

CVE-2014-6487

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote authenticated users to affect integrity via unknown vectors related to End User Self Service.

3.5CVSS5.4AI score0.0015EPSS

CVE•added 2014/01/15 4:11 p.m.•39 views

CVE-2013-5785

Unspecified vulnerability in the Oracle Reports Developer component in Oracle Fusion Middleware 11.1.1.6, 11.1.1.7, and 11.1.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security and Authentication.

7.5CVSS6AI score0.01716EPSS

CVE•added 2014/04/16 2:55 a.m.•39 views

CVE-2014-2415

5CVSS5.7AI score0.00705EPSS

CVE•added 2014/04/16 2:55 a.m.•39 views

CVE-2014-2418

5CVSS5.7AI score0.00705EPSS

CVE•added 2014/01/15 4:8 p.m.•38 views

CVE-2013-5901

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to Identity Console.

4.3CVSS5.7AI score0.00561EPSS

CVE•added 2014/01/15 4:8 p.m.•38 views

CVE-2014-0374

Unspecified vulnerability in the Oracle Portal component in Oracle Fusion Middleware 11.1.1.6 allows remote attackers to affect integrity via unknown vectors related to Page Parameters and Events.

4.3CVSS5.9AI score0.00524EPSS

CVE•added 2014/10/15 10:55 p.m.•38 views

CVE-2014-6552

Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.1, and 11.1.2.2 allows remote attackers to affect integrity via unknown vectors related to Admin Console.

4.3CVSS5.9AI score0.00351EPSS

CVE•added 2014/01/15 4:8 p.m.•37 views

CVE-2014-0383

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.2.0 and 11.1.2.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Identity Console.

3.5CVSS5.2AI score0.00379EPSS

CVE•added 2014/04/16 12:55 a.m.•37 views

CVE-2014-0450

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7 and 11.1.1.8 allows remote attackers to affect confidentiality via unknown vectors related to People Connection.

5CVSS5.8AI score0.00295EPSS

CVE•added 2014/04/16 1:55 a.m.•37 views

CVE-2014-0465

Unspecified vulnerability in the Oracle OpenSSO component in Oracle Fusion Middleware 8.0 Update 2 Patch 5 allows remote authenticated users to affect integrity via unknown vectors related to Admin Console.

3.5CVSS5.4AI score0.0015EPSS

CVE•added 2014/04/16 2:55 a.m.•37 views

CVE-2014-2416

5CVSS5.7AI score0.00705EPSS

CVE•added 2014/07/17 11:17 a.m.•37 views

CVE-2014-4257

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Portlet Services.

7.1CVSS5.8AI score0.00576EPSS

CVE•added 2014/07/17 5:10 a.m.•36 views

CVE-2014-4212

Unspecified vulnerability in the Oracle Fusion Middleware component in Oracle Fusion Middleware 11.1.1.7 allows remote attackers to affect confidentiality via unknown vectors related to Process Mgmt and Notification.

4.3CVSS4.2AI score0.00524EPSS

Total number of security vulnerabilities57