Vulnerability Details : CVE-2014-4229
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, and 6.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Data, Domain, and Function Security.
Exploit prediction scoring system (EPSS) score for CVE-2014-4229
Probability of exploitation activity in the next 30 days: 0.31%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-4229
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
5.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:N |
8.0
|
4.9
|
NIST |
References for CVE-2014-4229
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://www.securitytracker.com/id/1030582
Oracle Supply Chain Products Suite Bugs Let Remote Users Partially Access and Modify Data - SecurityTracker
-
http://www.securityfocus.com/bid/68640
Oracle Transportation Management CVE-2014-4229 Remote Security Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94574
Oracle Transportation Management DDFS unspecified CVE-2014-4229 Vulnerability Report
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
Products affected by CVE-2014-4229
- cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.4:*:*:*:*:*:*:*