Oracle E-Business Suite Vulnerability in Application Object Library
CVE-2019-2621

4.7MEDIUM

Key Information:

Vendor: Oracle
Status: Application Object Library
Vendor: CVE Published:; 23 April 2019

Summary

The vulnerability in the Oracle Application Object Library of the Oracle E-Business Suite allows an unauthenticated attacker to compromise the system through network access over HTTP. This vulnerability requires human interaction, which can lead to unauthorized updates, inserts, or deletions of critical data within the Oracle Application Object Library. Although the flaw lies within this specific component, its exploitation can have broader implications across other products in the suite, posing a significant risk to data integrity.

Affected Version(s)

Application Object Library 12.1.3

Application Object Library 12.2.3

Application Object Library 12.2.4

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_MISC

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 23, 2019
Vulnerability Reserved
Dec 14, 2018