Vulnerability Details : CVE-2014-0435
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1, 6.2, 6.3, 6.3.1, and 6.3.2 allows remote authenticated users to affect availability via unknown vectors related to Data, Domain & Function Security.
Exploit prediction scoring system (EPSS) score for CVE-2014-0435
Probability of exploitation activity in the next 30 days: 0.58%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 75 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-0435
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST |
References for CVE-2014-0435
-
http://www.securitytracker.com/id/1029620
Oracle Supply Chain Products Suite Lets Remote Users Access and Modify Data and Remote Authenticated Users Deny Service - SecurityTracker
-
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Oracle Critical Patch Update - January 2014Vendor Advisory
-
http://www.securityfocus.com/bid/64758
RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities
-
http://www.securityfocus.com/bid/64869
Oracle Supply Chain Products Suite CVE-2014-0435 Remote Security Vulnerability
Products affected by CVE-2014-0435
- cpe:2.3:a:oracle:supply_chain_products_suite:6.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.2:*:*:*:*:*:*:*