- Description
- Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10CU2 and 12.0.1 allow remote attackers to have an unknown impact via (a) Oracle Configurator (APPS02), (b) Oracle iExpenses (APPS03), (c) Oracle Application Object Library (APPS09), and (1) APPS12, (2) APPS13, and (3) APPS14 in (d) Oracle Payables.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.5
- Impact score
- 6.4
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:P
- Hype score
- Not currently trending
- Comment
- -
- Impact
- As the impact type is unspecified, it has been set to a default value of "Obtain Other Access (e.g. application account)."
- Solution
- As the impact type is unspecified, it has been set to a default value of "Obtain Other Access (e.g. application account)."
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "80B61990-9CC2-4215-9879-AC817F4E6767"
},
{
"criteria": "cpe:2.3:a:oracle:e-business_suite:12.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "610AE265-C18D-4895-8034-5DB331DC68DF"
}
],
"operator": "OR"
}
]
}
]