Vulnerability in Oracle Applications Manager of Oracle E-Business Suite
CVE-2019-2825

6.5MEDIUM

Key Information:

Vendor: Oracle
Status: Applications Manager
Vendor: CVE Published:; 23 July 2019

What is CVE-2019-2825?

A vulnerability exists in the Oracle Applications Manager component of Oracle E-Business Suite that allows a high privileged attacker with network access via HTTP to exploit the system. This exploitable flaw could lead to unauthorized creation, deletion, or modification of critical data within Oracle Applications Manager. Successful exploitation enables an attacker to gain unauthorized access to sensitive data, compromising both the confidentiality and integrity of affected systems.

Affected Version(s)

Applications Manager 12.1.3

Applications Manager 12.2.3 - 12.2.8

References

http://www.oracle.com/technetwork/security-advisory/cpuju...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2019
Vulnerability Reserved
Dec 14, 2018