Vulnerability in Oracle Advanced Outbound Telephony of Oracle E-Business Suite
CVE-2019-2663

8.2HIGH

Key Information:

Vendor: Oracle
Status: Advanced Outbound Telephony
Vendor: CVE Published:; 23 April 2019

Summary

A security vulnerability exists in the Oracle Advanced Outbound Telephony component of the Oracle E-Business Suite, affecting multiple versions. This flaw allows an unauthenticated attacker with network access via HTTP to exploit the component. Successful exploitation requires human interaction from someone other than the attacker, posing a risk of unauthorized access to sensitive data and potential manipulation of Oracle Advanced Outbound Telephony accessible data. This vulnerability could lead to significant data breaches and operational disruptions across affected systems.

Affected Version(s)

Advanced Outbound Telephony 12.1.1

Advanced Outbound Telephony 12.1.2

Advanced Outbound Telephony 12.1.3

References

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Apr 23, 2019
Vulnerability Reserved
Dec 14, 2018