Published: 15/01/2014 Updated: 28/01/2014

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Subscribe to Supply Chain Products Suite Sql-server

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, 12.2.2, and 12.2.3 allows remote malicious users to affect confidentiality via unknown vectors related to DM Others.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle supply chain products suite sql-server 12.2.3
oracle supply chain products suite 7.2.0.3
oracle supply chain products suite sql-server 12.2.1
oracle supply chain products suite sql-server 12.2.2
oracle supply chain products suite sql-server 7.3.0
oracle supply chain products suite sql-server 7.3.1

Details: Demantra has a backend function that allows anyone to retrieve the database instance name and the corresponding credentials Impact: A remote, unauthenticated attacker could exploit this issue in combination with other found issues, to extract the database credentials and instance name Exploit: The target URL is: targetcom:808 ...

Oracle Demantra version 1221 suffers from a data credential leak vulnerability ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64846 http://www.securitytracker.com/id/1029620 http://secunia.com/advisories/56474 http://osvdb.org/102096 https://nvd.nist.gov https://www.exploit-db.com/exploits/31995/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-5795

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect