Oracle E-Business Suite Internet Expenses Vulnerability Exposure
CVE-2020-14719

7.7HIGH

Key Information:

Vendor: Oracle
Status: Internet Expenses
Vendor: CVE Published:; 15 July 2020

Summary

A vulnerability in Oracle Internet Expenses, part of the Oracle E-Business Suite, allows low privileged attackers with network access via HTTP to exploit the system. This flaw enables unauthorized users to create, modify, or delete critical data within Oracle Internet Expenses, posing a threat not only to this product but potentially to others within the suite. The exploitation of this vulnerability highlights significant security risks, emphasizing the need for immediate attention and remediation to protect sensitive data from unauthorized manipulation.

Affected Version(s)

Internet Expenses 12.2.4-12.2.9

References

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Jul 15, 2020
Vulnerability Reserved
Jun 19, 2020