Published: 16/04/2014 Updated: 09/10/2018

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote malicious users to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle fusion middleware 2.2.2

Advisory: Endeca Latitude Cross-Site Request Forgery RedTeam Pentesting discovered a Cross-Site Request Forgery (CSRF) vulnerability in Endeca Latitude Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely Details ======= Product: Endeca Latitude Affecte ...

RedTeam Pentesting discovered a cross site request forgery vulnerability in Endeca Latitude version 222 Using this vulnerability, an attacker might be able to change several different settings of the Endeca Latitude instance or disable it entirely ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html http://www.exploit-db.com/exploits/33897 http://www.securityfocus.com/bid/66864 http://seclists.org/fulldisclosure/2014/Jun/123 http://packetstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.html http://www.securityfocus.com/archive/1/532556/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/33897/

CVE-2014-2399

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect