18 matches found
CVE-2024-20943
Affected software: Oracle E-Business Suite, Oracle Knowledge Management (Internal Operations), versions 12.2.3–12.2.13. Issue type/root cause: insufficient input validation in Oracle Knowledge Management, enabling a low-privileged attacker with network access via HTTP to compromise the system; at...
CVE-2017-3367
The CVE-2017-3367 entry concerns Oracle Knowledge Management (Oracle E-Business Suite) with affected versions 12.1.1, 12.1.2, and 12.1.3. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Knowledge Management; successful exploitation requires human in...
CVE-2021-2198
Summary of CVE-2021-2198 (Oracle Knowledge Management, Oracle E-Business Suite) Reported vulnerability affects Oracle Knowledge Management within Oracle E-Business Suite variants 12.1.1–12.1.3 and 12.2.3–12.2.10, specifically the Setup/Admin components. The issue allows an unauthenticated, networ...
CVE-2016-3542
CVE-2016-3542 concerns Oracle Knowledge Management in Oracle E-Business Suite (AMS Knowledge Management component) with an XML External Entity issue that allows remote code execution. Connected exploit data confirms the vulnerability affects Oracle Knowledge Management versions 12.1.1–12.2.5, ena...
CVE-2017-10411
CVE-2017-10411 affects Oracle Knowledge Management (Oracle E-Business Suite) UI component. Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. The vulnerability enables an unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Man...
CVE-2017-3366
CVE-2017-3366 affects Oracle Knowledge Management in Oracle E-Business Suite (subcomponent: User Interface). Affected versions are 12.1.1–12.1.3. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management, with human interaction req...
CVE-2019-2719
CVE-2019-2719 affects Oracle Siebel CRM Knowledge component (InfoCenter/Web Applications). Affected: 8.5.1.0–8.5.1.7, 8.6.0, 8.6.1. An unauthenticated attacker can exploit via HTTP; attacks require user interaction and may lead to unauthorized update/insert/delete and read access of Oracle Knowle...
CVE-2017-10412
CVE-2017-10412 affects Oracle E-Business Suite Knowledge Management (User Interface) in versions 12.1.1–12.2.7. The vulnerability allows unauthenticated network access via HTTP to the Knowledge Management UI, with exploitation requiring user interaction. Consequences include unauthorized access t...
CVE-2016-3533
CVE-2016-3533 is an unspecified vulnerability in Oracle Knowledge Management (Oracle E-Business Suite: 12.1.1–12.2.5) affecting integrity via Search-related vectors. The issue is noted as potentially involving multiple open redirect vulnerabilities, as reported in July 2016 CPU discussions. Conne...
CVE-2017-10410
CVE-2017-10410 is a vulnerability in Oracle E-Business Suite’s Knowledge Management component (subcomponent: Search). Affected versions are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. The issue allows an unauthenticated attacker with network access via HTTP to compromise Or...
CVE-2017-3362
CVE-2017-3362 affects Oracle E-Business Suite Knowledge Management (User Interface) in 12.1.1–12.1.3. The vulnerability allows an unauthenticated, network-accessible attacker to compromise Knowledge Management via HTTP, with human interaction required for exploitation; attacks may impact addition...
CVE-2017-3363
CVE-2017-3363 is a vulnerability in the Oracle Knowledge Management component of Oracle E-Business Suite (subcomponent: User Interface). Affected versions are 12.1.1, 12.1.2, and 12.1.3. The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Manag...
CVE-2017-3365
CVE-2017-3365 affects Oracle E-Business Suite Knowledge Management (UI) in versions 12.1.1–12.1.3. An unauthenticated attacker with network access via HTTP can compromise Knowledge Management, with human interaction required to execute the attack. Consequences include unauthorized access to data ...
CVE-2017-3364
CVE-2017-3364 affects Oracle E-Business Suite’s Oracle Knowledge Management (UI subcomponent). Affected versions are 12.1.1, 12.1.2 and 12.1.3. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise Oracle Knowledge Management. While exploitation requires...
CVE-2024-20948
CVE-2024-20948 affects Oracle E-Business Suite, Oracle Knowledge Management (Setup, Admin) in versions 12.2.3–12.2.13. An unauthenticated, network-accessible attacker (HTTP) can exploit via Oracle Knowledge Management, with user interaction required, to perform unauthorized updates, inserts, dele...
CVE-2020-2841
CVE-2020-2841 affects Oracle Knowledge Management within Oracle E-Business Suite (component: Setup, Admin) and is applicable to 12.1.1–12.1.3. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management, with human interaction requir...
CVE-2019-2660
This CVE concerns Oracle E-Business Suite Knowledge Management (Setup/Admin) with affected versions 12.1.1, 12.1.2, 12.1.3, 12.2.3–12.2.8. The vulnerability allows an unauthenticated attacker with network access over HTTP to compromise Oracle Knowledge Management. Attacks require human interactio...
CVE-2024-20940
The CVE-2024-20940 entry concerns Oracle E-Business Suite’s Knowledge Management component (Create/Update/Authoring Flow). Affected versions are 12.2.3–12.2.13; the issue is exploitable over HTTP with network access and unauthenticated access, requiring user interaction, and may lead to unauthori...