Security Flaw in Oracle E-Business Suite's Print Server Component
CVE-2019-2551

8.2HIGH

Key Information:

Vendor: Oracle
Status: One-to-one Fulfillment
Vendor: CVE Published:; 23 April 2019

Summary

A vulnerability exists in the Oracle E-Business Suite's Print Server component, enabling an unauthenticated attacker with network access via HTTP to exploit the system. While exploiting this vulnerability necessitates interaction from someone other than the attacker, the implications are serious. Successful exploitation can lead to unauthorized access to critical data and the ability to modify, insert, or delete information within Oracle One-to-One Fulfillment. This vulnerability can affect multiple interlinked components of the Oracle ecosystem, posing significant risks to data integrity and confidentiality.

Affected Version(s)

One-to-One Fulfillment 12.1.1

One-to-One Fulfillment 12.1.2

One-to-One Fulfillment 12.1.3

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 23, 2019
Vulnerability Reserved
Dec 14, 2018