Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Universal Work Queue accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
oracle universal work queue 12.2.6 |
||
oracle universal work queue 12.1.1 |
||
oracle universal work queue 12.2.3 |
||
oracle universal work queue 12.2.4 |
||
oracle universal work queue 12.2.5 |
||
oracle universal work queue 12.1.2 |
||
oracle universal work queue 12.1.3 |
||
oracle universal work queue 12.2.7 |
Brrrt! Brrrt! Brrrt! Big Red's bug gun targets 252 bugs, and you for not patching fast enough
Hundreds of products, more than 250 vulnerabilities … yes, it's Oracle's quarterly critical patch update day! Oracle opens its bulletin with news that it "... continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes." "In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customer...