Vulnerability in Oracle E-Business Suite Attachments Component
CVE-2017-10244

5.3MEDIUM

Key Information:

Vendor: Oracle
Status: Application Object Library
Vendor: CVE Published:; 8 August 2017

🔔 Create Oracle Vulnerability Alert

What is CVE-2017-10244?

A vulnerability exists within the Attachments component of the Oracle Application Object Library in Oracle E-Business Suite, allowing unauthenticated attackers with network access via HTTP to exploit it. This flaw can lead to unauthorized access to sensitive data within the application, emphasizing the need for robust security measures and patch implementations across affected versions 12.1.3, 12.2.3, 12.2.4, 12.2.5, and 12.2.6.

Affected Version(s)

Application Object Library 12.1.3

Application Object Library 12.2.3

Application Object Library 12.2.4

References

http://www.securityfocus.com/bid/99702

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1038926

vdb-entryx_refsource_SECTRACK

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 8, 2017
Vulnerability Reserved
Jun 21, 2017

.

CVE-2017-10244 : Vulnerability in Oracle E-Business Suite Attachments Component