Vulnerability in Oracle E-Business Suite's Oracle Applications Manager
CVE-2017-10144

7.5HIGH

Key Information:

Vendor
Oracle
Status
Applications Manager
Vendor
CVE Published:
8 August 2017

Summary

A vulnerability exists within the Oracle Applications Manager component of Oracle E-Business Suite that enables unauthenticated attackers with network access via HTTP to exploit the system. This flaw allows for unauthorized operations that may compromise the integrity of Oracle Applications Manager, potentially leading to denial-of-service (DoS) conditions. Successful exploitation can result in the service hanging or becoming unresponsive, severely impacting the availability of the application.

References

http://www.securityfocus.com/bid/99685
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038926
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.