Oracle: >> Customer Relationship Management Technical Foundation Security Vulnerabilities
Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle CRM Technical Foundation accessible data as well as unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).
CVSS Score
8.2
EPSS Score
0.008
Published
2017-01-27
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote authenticated users to affect confidentiality via unknown vectors.
CVSS Score
4.3
EPSS Score
0.002
Published
2016-10-25
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality and integrity via unknown vectors.
CVSS Score
8.2
EPSS Score
0.003
Published
2016-10-25
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0579, CVE-2016-0582, and CVE-2016-0583.
CVSS Score
4.3
EPSS Score
0.003
Published
2016-01-21
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0579, CVE-2016-0583, and CVE-2016-0584.
CVSS Score
4.3
EPSS Score
0.003
Published
2016-01-21
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect integrity via vectors related to BIS Common Components, a different vulnerability than CVE-2016-0582, CVE-2016-0583, and CVE-2016-0584.
CVSS Score
4.3
EPSS Score
0.003
Published
2016-01-21
Unspecified vulnerability in the Oracle CRM Technology Foundation component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via vectors related to BIS Common Components.
CVSS Score
6.4
EPSS Score
0.003
Published
2016-01-21
Unspecified vulnerability in the Oracle CRM Technical Foundation component in Oracle E-Business Suite 11.5.10.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to CRM HTML Administration.
CVSS Score
6.4
EPSS Score
0.003
Published
2016-01-21
Page 3