Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-3wfg-8w2f-r7qj

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Ссылки

EPSS

Процентиль: 89%
0.0442
Низкий

CVE ID

CVE-2020-14862

Связанные уязвимости

nvd логотип

CVE-2020-14862

CVSS3: 8.8
nvd
больше 5 лет назад

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3 - 12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

fstec логотип

BDU:2020-04962

CVSS3: 8.8
fstec
больше 5 лет назад

Уязвимость компонента Internal Operations приложения для доступа, организации и взаимодействия различных типов работ Oracle Universal Work Queue системы автоматизации деятельности предприятия Oracle E-Business Suite, позволяющая нарушителю получить полный контроль над приложением

EPSS

Процентиль: 89%
0.0442
Низкий

CVE ID

CVE-2020-14862