Описание
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.
The Java Portlet Specification JSR286 API jar file code could allow a remote attacker to obtain sensitive information, caused by the failure to restrict access to resources located within the web application. An attacker could exploit this vulnerability to obtain configuration data and other sensitive information.
Отчет
CVE-2015-1926 did not affect JBoss Portal Platform as provided by Red Hat. For further detail, refer to the knowledge base article at https://access.redhat.com/solutions/1488163
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat JBoss Enterprise Web Server 1 | fuse-6 | Under investigation | ||
| Red Hat JBoss Portal 6 | portlet | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
Связанные уязвимости
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.
Уязвимость системы автоматизации деятельности предприятия Oracle E-Business Suite и программной платформы Oracle Fusion Middleware, позволяющая нарушителю нарушить конфиденциальность и целостность информации
EPSS