Vulnerability in Oracle Application Testing Suite Affecting Oracle Enterprise Manager
CVE-2018-3304

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Application Testing Suite
Vendor: CVE Published:; 16 January 2019

Summary

The vulnerability in the Oracle Application Testing Suite component allows an unauthenticated attacker with HTTP network access to exploit the system. This can result in unauthorized modifications to accessible data, including the ability to update, insert, or delete information. Additionally, the vulnerability poses a risk of causing a partial denial of service, potentially impacting the availability of Oracle Application Testing Suite functionalities.

Affected Version(s)

Application Testing Suite 12.5.0.3

Application Testing Suite 13.1.0.1

Application Testing Suite 13.2.0.1

References

http://www.securityfocus.com/bid/106615

vdb-entryx_refsource_BID

http://www.oracle.com/technetwork/security-advisory/cpuja...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 16, 2019
Vulnerability Reserved
Dec 15, 2017