Vulnerability in Oracle iLearning Affects Learner Pages
CVE-2017-10199

8.2HIGH

Key Information:

Vendor

Oracle
Status
Ilearning
Vendor
CVE Published:
8 August 2017

What is CVE-2017-10199?

A vulnerability exists within the Oracle iLearning component, specifically impacting the Learner Pages subcomponent. This issue allows unauthenticated network attackers to exploit the system via HTTP. Although successful exploitation necessitates human interaction from a separate user, the implications of this vulnerability can extend beyond Oracle iLearning itself. Attackers can gain unauthorized access to critical data, potentially leading to complete control over all information accessible through Oracle iLearning. Furthermore, they may have the ability to illegitimately update, insert, or delete sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

iLearning 6.2

References

http://www.securityfocus.com/bid/99637
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038949
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.