Vulnerability in Oracle Trade Management Component of Oracle E-Business Suite
CVE-2019-2641

8.2HIGH

Key Information:

Vendor: Oracle
Status: Trade Management
Vendor: CVE Published:; 23 April 2019

Summary

An unauthenticated vulnerability exists within the Oracle Trade Management component of Oracle E-Business Suite. This issue allows an attacker with network access to exploit the system via HTTP, potentially compromising critical data. While the vulnerability is localized to Oracle Trade Management, successful exploitation can impact additional associated products. Attackers require human interaction from a third party to execute their malicious activities, which may lead to unauthorized access or manipulation of vital data within the system.

Affected Version(s)

Trade Management 12.1.1

Trade Management 12.1.2

Trade Management 12.1.3

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 23, 2019
Vulnerability Reserved
Dec 14, 2018