Vulnerability in Oracle Application Testing Suite by Oracle
CVE-2019-2727

7.3HIGH

Key Information:

Vendor: Oracle
Status: Application Testing Suite
Vendor: CVE Published:; 23 July 2019

Summary

An unauthenticated access vulnerability exists in the Oracle Application Testing Suite, which is part of Oracle Enterprise Manager Products Suite. This flaw allows an attacker with network access to HTTP to potentially compromise the system. Successful exploitation can enable unauthorized modifications, including updates, insertions, or deletions of accessible data, as well as unauthorized reads of sensitive data. Furthermore, it poses a risk of partial denial of service conditions, jeopardizing the availability of the application.

Affected Version(s)

Application Testing Suite 13.3

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

7.3

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018