Lucene search
K
OracleInstalled Base

14 matches found

CVE
CVE
added 2022/01/19 11:22 a.m.96 views

CVE-2022-21251

CVE-2022-21251 affects Oracle E-Business Suite Installed Base (component: Instance Main) with affected versions 12.2.3–12.2.11. The vulnerability allows an unauthenticated, network-based attacker (via HTTP) to cause a hang or repeatable crash of Oracle Installed Base (DO S) as described in multip...

7.8CVSS7.3AI score0.01287EPSS
CVE
CVE
added 2021/01/20 2:50 p.m.85 views

CVE-2021-2023

CVE-2021-2023 affects Oracle E-Business Suite installed base APIs. Affected versions: 12.1.1–12.1.3 and 12.2.3–12.2.9. Vulnerability allows an unauthenticated attacker, over HTTP, to compromise Oracle Installed Base; attacks require human interaction and can lead to unauthorized update/insert/del...

4.7CVSS4.9AI score0.01066EPSS
CVE
CVE
added 2021/04/22 9:53 p.m.70 views

CVE-2021-2231

CVE-2021-2231 affects Oracle E‑Business Suite, Oracle Installed Base (API component) version 12.1.3. The vulnerability is exploitable remotely over HTTP by a low‑privileged attacker, potentially leading to unauthorized data creation/deletion/modification or full access to Oracle Installed Base da...

8.1CVSS8.2AI score0.00931EPSS
CVE
CVE
added 2024/02/17 1:50 a.m.69 views

CVE-2024-20941

The CVE-2024-20941 vulnerability affects Oracle E-Business Suite, specifically the Oracle Installed Base component (HTML UI) in versions 12.2.3–12.2.13. An unauthenticated attacker with network access over HTTP can potentially compromise Installed Base, with impacts including unauthorized update/...

6.1CVSS5.8AI score0.00361EPSS
CVE
CVE
added 2024/04/16 9:26 p.m.65 views

CVE-2024-21072

CVE-2024-21072 affects Oracle E-Business Suite Installed Base, Data Provider UI (versions 12.2.3–12.2.13). An unauthenticated attacker with network access via HTTP can compromise Oracle Installed Base; attacks require human interaction and may lead to unauthorized update/insert/delete and read ac...

6.1CVSS6.2AI score0.0036EPSS
CVE
CVE
added 2024/02/17 1:50 a.m.63 views

CVE-2024-20933

CVE-2024-20933 affects Oracle E-Business Suite – Oracle Installed Base (Engineering Change Order) with affected versions 12.2.3–12.2.13. The vulnerability allows an unauthenticated attacker over HTTP to compromise Oracle Installed Base, with attacks requiring user interaction, and potentially lea...

6.1CVSS5.8AI score0.00168EPSS
CVE
CVE
added 2024/02/17 1:50 a.m.62 views

CVE-2024-20958

CVE-2024-20958 affects Oracle E-Business Suite, specifically Oracle Installed Base (Engineering Change Order) in versions 12.2.3–12.2.13. The root cause is insufficient input validation in Engineering Change Order within Installed Base, enabling a low-privilege, network-accessible attacker to lev...

5.4CVSS5.2AI score0.0034EPSS
CVE
CVE
added 2024/10/15 7:52 p.m.58 views

CVE-2024-21258

CVE-2024-21258 affects Oracle E-Business Suite, specifically the Installed Base product's User Interface. The issue lies in insufficient input validation in the UI component, with affected versions 12.2.3–12.2.14. An unauthenticated attacker with network access via HTTP can read a subset of Oracl...

5.3CVSS4.4AI score0.00484EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.54 views

CVE-2019-3024

The CVE-2019-3024 issue affects Oracle E-Business Suite Installed Base, Engineering Change Order component, in versions 12.2.3–12.2.9. The vulnerability allows an unauthenticated, network-accessible attacker to interact via HTTP, with user interaction required for exploitation, potentially enabli...

4.7CVSS4.4AI score0.01072EPSS
CVE
CVE
added 2017/01/27 10:1 p.m.52 views

CVE-2017-3361

CVE-2017-3361 affects Oracle E-Business Suite, specifically the installed base UI component. Affected are 12.1.1, 12.1.2 and 12.1.3. The vulnerability enables an unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base, with successful attacks potentially granting...

8.2CVSS8.4AI score0.01547EPSS
CVE
CVE
added 2020/10/21 2:4 p.m.52 views

CVE-2020-14822

CVE-2020-14822 affects Oracle E-Business Suite Installed Base APIs. Affected are Oracle E-Business Suite versions 12.1.1–12.1.3 and 12.2.3–12.2.10. The vulnerability is exploitable over HTTP by an unauthenticated, network-reachable attacker and, per the entry, requires user interaction, with pote...

4.7CVSS4.4AI score0.01011EPSS
CVE
CVE
added 2024/02/17 1:50 a.m.50 views

CVE-2024-20935

CVE-2024-20935 affects Oracle E-Business Suite, specifically the Oracle Installed Base component (Engineering Change Order). Affected versions are 12.2.3–12.2.13. The vulnerability allows an unauthenticated attacker, with network access via HTTP, to compromise data and perform unauthorized update...

6.1CVSS5.8AI score0.00361EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.46 views

CVE-2016-3534

CVE-2016-3534 concerns Oracle E-Business Suite’s Installed Base component (Oracle E-Business Suite 12.1.x, 12.2.x) where an unspecified issue related to Engineering Change Order could allow a remote attacker to affect integrity. Multiple sources summarize the vulnerability as an open-redirect cla...

4.7CVSS4.8AI score0.01967EPSS
CVE
CVE
added 2024/01/16 9:41 p.m.41 views

CVE-2024-20934

CVE-2024-20934 affects Oracle E-Business Suite, Oracle Installed Base (Engineering Change Order) with versions 12.2.3–12.2.13. The vulnerability permits an unauthenticated, network-exposed attacker (HTTP) to manipulate or read Oracle Installed Base data, requiring user interaction for exploitatio...

6.1CVSS5.8AI score0.00168EPSS