Vulnerability in Oracle Email Center Affects Oracle E-Business Suite
CVE-2020-2794

8.2HIGH

Key Information:

Vendor

Oracle
Status
Email Center
Vendor
CVE Published:
15 April 2020

What is CVE-2020-2794?

The vulnerability within Oracle Email Center allows unauthenticated attackers to exploit network access via HTTP, potentially compromising sensitive data. Although attacks necessitate human interaction, the repercussions can extend beyond the Oracle Email Center, possibly affecting other connected products. Successful exploitation grants attackers unauthorized access to critical data and enables unsanctioned modifications, including updates, insertions, or deletions of data within the Oracle Email Center systems, raising significant concerns regarding data integrity and confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Email Center 12.1.1-12.1.3

Email Center 12.2.3-12.2.9

References

https://www.oracle.com/security-alerts/cpuapr2020.html
x_refsource_MISC

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
Low
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.