Vulnerability in Oracle E-Business Suite Affecting Universal Work Queue Component
CVE-2017-3415

8.2HIGH

Key Information:

Vendor

Oracle
Status
Universal Work Queue
Vendor
CVE Published:
27 January 2017

What is CVE-2017-3415?

This vulnerability exists within the Oracle Universal Work Queue component of Oracle E-Business Suite, allowing an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation necessitates human interaction from a third party, and while the vulnerability directly affects the Universal Work Queue, it can also have significant repercussions on associated products. Exploiting this vulnerability grants unauthorized access to sensitive data as well as the ability to update, insert, or delete data accessible through the Oracle Universal Work Queue. This poses a serious threat to data integrity and confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Universal Work Queue 12.1.1

Universal Work Queue 12.1.2

Universal Work Queue 12.1.3

References

http://www.securityfocus.com/bid/95487
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037639
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuja...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.