CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-39428

Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this vulnerability can result in takeover of Oracle Web Applications Desktop Integrator. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.405

EPSS Ranking 97.2%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2022-39428

Oracle » Web Applications Desktop Integrator » Version: 12.2.10

cpe:2.3:a:oracle:web_applications_desktop_integrator:12.2.10
Oracle » Web Applications Desktop Integrator » Version: 12.2.11

cpe:2.3:a:oracle:web_applications_desktop_integrator:12.2.11
Oracle » Web Applications Desktop Integrator » Version: 12.2.3

cpe:2.3:a:oracle:web_applications_desktop_integrator:12.2.3
Oracle » Web Applications Desktop Integrator » Version: 12.2.4

cpe:2.3:a:oracle:web_applications_desktop_integrator:12.2.4
Oracle » Web Applications Desktop Integrator » Version: 12.2.5

cpe:2.3:a:oracle:web_applications_desktop_integrator:12.2.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-39428

Products

Pricing

Contact Us