Oracle » E-business Suite : Security Vulnerabilities, CVEs, CVSS score between 2 and 3.99
Unspecified vulnerability in the Oracle Mobile Application Servlet component in Oracle E-Business Suite 12.1 and 12.2 allows local users to affect confidentiality via vectors related to MWA Server Manager.
Max CVSS
2.1
EPSS Score
0.04%
Published
2016-01-21
Updated
2017-09-10
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.1, and 12.2 allows remote attackers to affect integrity via vectors related to UIX.
Max CVSS
2.6
EPSS Score
0.16%
Published
2016-01-21
Updated
2017-09-10
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality via vectors related to Business Objects - BC4J.
Max CVSS
2.1
EPSS Score
0.09%
Published
2015-10-21
Updated
2016-12-24
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality and integrity via vectors related to SQL Extensions. NOTE: the previous information is from the October 2015 CPU. Oracle has not commented on third-party claims that this issue is a SQL injection vulnerability, which allows remote authenticated users to execute arbitrary SQL commands via a request involving the afamexts.sql SQL extension.
Max CVSS
3.6
EPSS Score
0.20%
Published
2015-10-21
Updated
2018-12-10
Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via vectors related to OAM Dashboard.
Max CVSS
3.5
EPSS Score
0.07%
Published
2015-07-16
Updated
2017-09-22
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Dialog popup.
Max CVSS
3.5
EPSS Score
0.07%
Published
2015-07-16
Updated
2017-09-22
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Help screens.
Max CVSS
3.5
EPSS Score
0.07%
Published
2015-07-16
Updated
2017-09-22
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors.
Max CVSS
3.5
EPSS Score
0.07%
Published
2015-07-16
Updated
2017-09-22
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Input validation.
Max CVSS
2.1
EPSS Score
0.08%
Published
2015-07-16
Updated
2017-09-22
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Error Messages.
Max CVSS
2.6
EPSS Score
0.16%
Published
2015-04-16
Updated
2017-01-03
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect integrity via unknown vectors related to Templates.
Max CVSS
3.5
EPSS Score
0.07%
Published
2015-01-21
Updated
2016-06-17
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows remote authenticated users to affect integrity via unknown vectors.
Max CVSS
3.5
EPSS Score
0.25%
Published
2014-07-17
Updated
2018-10-09
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to storage of credentials in the (1) FND_LOG_MESSAGES database table or (2) log files by "native login pages."
Max CVSS
3.5
EPSS Score
0.36%
Published
2013-07-17
Updated
2017-08-29
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality via unknown vectors related to Diagnostics.
Max CVSS
2.6
EPSS Score
0.21%
Published
2013-04-17
Updated
2013-10-11
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Bookmarkable Pages.
Max CVSS
2.1
EPSS Score
0.07%
Published
2013-01-17
Updated
2013-10-11
Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Publish Item.
Max CVSS
3.5
EPSS Score
0.07%
Published
2012-10-17
Updated
2013-10-11
Unspecified vulnerability in the Oracle Field Service component in Oracle E-Business Suite 12.1.3 allows remote authenticated users to affect integrity, related to Wireless/WAP upload.
Max CVSS
3.5
EPSS Score
0.07%
Published
2012-10-16
Updated
2013-10-11
Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Financials Business Intelligence.
Max CVSS
3.5
EPSS Score
0.24%
Published
2012-07-17
Updated
2017-08-29
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Document Repository.
Max CVSS
3.5
EPSS Score
0.24%
Published
2012-07-17
Updated
2017-08-29
Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0.4, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via unknown vectors related to Runtime Catalog.
Max CVSS
2.6
EPSS Score
0.50%
Published
2012-05-03
Updated
2017-12-07
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.0.6 and 12.1.3 allows remote attackers to affect integrity, related to REST Services.
Max CVSS
2.6
EPSS Score
0.47%
Published
2012-05-03
Updated
2017-12-07
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.2 and 12.1.3 allows remote authenticated users to affect confidentiality, related to REST Services.
Max CVSS
3.5
EPSS Score
0.11%
Published
2011-10-18
Updated
2012-11-06
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Attachments / File Upload.
Max CVSS
3.5
EPSS Score
0.10%
Published
2011-10-18
Updated
2017-09-09
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows remote authenticated users to affect integrity via unknown vectors related to Attachments / File Upload.
Max CVSS
3.5
EPSS Score
0.07%
Published
2012-01-18
Updated
2012-01-19
Unspecified vulnerability in the Applications Install component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors.
Max CVSS
2.1
EPSS Score
0.08%
Published
2011-04-20
Updated
2011-04-20