Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 10/05/2020 Updated: 21/07/2021

CVSS v2 Base Score: 4.9 | Impact Score: 4.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 4.8 | Impact Score: 2.7 | Exploitability Score: 1.7

VMScore: 436

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N

** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle iplanet web server

CWE-79 https://www.oracle.com/support/lifetime-support/https://www.oracle.com/us/assets/lifetime-support-middleware-069163.pdf https://wwws.nightwatchcybersecurity.com/2020/05/10/two-vulnerabilities-in-oracles-iplanet-web-server-cve-2020-9315-and-cve-2020-9314/http://seclists.org/fulldisclosure/2020/May/31 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-9314

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect