Описание
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener.
Ссылки
- PatchVendor Advisory
- Patch
- Third Party AdvisoryUS Government Resource
- Patch
- PatchVendor Advisory
- Patch
- Third Party AdvisoryUS Government Resource
- Patch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:oracle:e-business_suite:10.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.5:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.6:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:e-business_suite:11.8:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01287
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener.
EPSS
Процентиль: 79%
0.01287
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other