User Interface Vulnerability in Oracle Trade Management by Oracle
CVE-2020-14857

8.2HIGH

Key Information:

Vendor: Oracle
Status: Trade Management
Vendor: CVE Published:; 21 October 2020

Summary

An unauthenticated attacker with network access via HTTP can exploit a vulnerability in the User Interface of Oracle Trade Management. This exploit requires human interaction from a user, potentially leading to unauthorized access to sensitive data within Oracle Trade Management. The impact of this vulnerability could extend to other interconnected products within the Oracle ecosystem. Successful exploits may enable hackers to view, modify, or delete critical information, posing significant risks to data integrity and confidentiality.

Affected Version(s)

Trade Management 12.1.1 - 12.1.3

Trade Management 12.2.3 - 12.2.10

References

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

CVSS V3.1

Score:

8.2

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Oct 21, 2020
Vulnerability Reserved
Jun 19, 2020