CVE-2014-2424

Опубликовано: 16 апр. 2014

Источник: nvd

CVSS2: 4

EPSS Высокий

Описание

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

Ссылки

http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html
http://www.exploit-db.com/exploits/33989
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
Vendor Advisory
http://www.osvdb.org/105844
http://www.securityfocus.com/bid/66871
http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html
http://www.exploit-db.com/exploits/33989
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
Vendor Advisory
http://www.osvdb.org/105844
http://www.securityfocus.com/bid/66871

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 99%

0.80022

Высокий

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-vjc7-vhmq-3cwg

github

больше 3 лет назад