CVE-2014-4229 : Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6

Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, and 6.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Data, Domain, and Function Security.

Published 2014-07-17 05:10:17

Updated 2018-10-09 19:48:17

Source Oracle

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2014-4229

Probability of exploitation activity in the next 30 days: 0.31%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-4229

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:N	8.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2014-4229

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

VMSA-2014-0012.1

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Oracle Critical Patch Update - July 2014
Vendor Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1030582

Oracle Supply Chain Products Suite Bugs Let Remote Users Partially Access and Modify Data - SecurityTracker

CVEs referencing this url
http://www.securityfocus.com/bid/68640

Oracle Transportation Management CVE-2014-4229 Remote Security Vulnerability
https://exchange.xforce.ibmcloud.com/vulnerabilities/94574

Oracle Transportation Management DDFS unspecified CVE-2014-4229 Vulnerability Report
http://seclists.org/fulldisclosure/2014/Dec/23

Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

CVEs referencing this url
http://www.securityfocus.com/archive/1/534161/100/0/threaded

SecurityFocus

CVEs referencing this url

Products affected by CVE-2014-4229

Oracle » Supply Chain Products Suite » Version: 6.2.0
cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:*:*:*:*:*:*:*
Matching versions
Oracle » Supply Chain Products Suite » Version: 6.3.0
cpe:2.3:a:oracle:supply_chain_products_suite:6.3.0:*:*:*:*:*:*:*
Matching versions
Oracle » Supply Chain Products Suite » Version: 6.3.1
cpe:2.3:a:oracle:supply_chain_products_suite:6.3.1:*:*:*:*:*:*:*
Matching versions
Oracle » Supply Chain Products Suite » Version: 6.3.2
cpe:2.3:a:oracle:supply_chain_products_suite:6.3.2:*:*:*:*:*:*:*
Matching versions
Oracle » Supply Chain Products Suite » Version: 6.3.3
cpe:2.3:a:oracle:supply_chain_products_suite:6.3.3:*:*:*:*:*:*:*
Matching versions
Oracle » Supply Chain Products Suite » Version: 6.3.4
cpe:2.3:a:oracle:supply_chain_products_suite:6.3.4:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-4229

Exploit prediction scoring system (EPSS) score for CVE-2014-4229

CVSS scores for CVE-2014-4229

References for CVE-2014-4229

Products affected by CVE-2014-4229