Описание
Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host".
Ссылки
- PatchThird Party AdvisoryVDB Entry
- PatchThird Party AdvisoryUS Government Resource
- Patch
- Third Party AdvisoryVDB EntryVendor Advisory
- VDB Entry
- PatchThird Party AdvisoryVDB Entry
- PatchThird Party AdvisoryUS Government Resource
- Patch
- Third Party AdvisoryVDB EntryVendor Advisory
- VDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 11.5.6.0.0 (включая) до 11.5.6.16.53 (включая)Версия от 11.5.7.0.0 (включая) до 11.5.7.17.31 (включая)
Одно из
cpe:2.3:a:oracle:configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:configurator:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:configurator:11i:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02093
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive information via a request to the oracle.apps.cz.servlet.UiServlet servlet with the test parameter set to "version" or "host".
EPSS
Процентиль: 84%
0.02093
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other