Vulnerability in Oracle E-Business Suite Security Features
CVE-2017-3286
6MEDIUM
Summary
A vulnerability exists in the Oracle Applications DBA component of Oracle E-Business Suite, particularly in its patching functionality. This issue allows a highly privileged attacker, who has logged into the environment where the Oracle Applications DBA operates, to exploit the system. Successful exploitation can lead to unauthorized actions such as the creation, deletion, or modification of critical data accessible through Oracle Applications DBA. Attackers may gain unauthorized access to sensitive information, with potential ramifications for data integrity and confidentiality across the platform.
Affected Version(s)
Applications DBA 12.1.3
Applications DBA 12.2.3
Applications DBA 12.2.4
References
CVSS V3.1
Score:
6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved