IQID:18811 HTTP Oracle Reports Developer CVE-2019-2413 Remote Security Vulnerability S
IQID: 18811 - February 2019
Vulnerability in the Oracle Reports Developer component of Oracle
Fusion Middleware (subcomponent: Valid Session). The supported version
that is affected is 12.2.1.3. Easily exploitable vulnerability allows
unauthenticated attacker with network access via HTTP to compromise
Oracle Reports Developer. Successful attacks require human interaction
from a person other than the attacker and while the vulnerability is
in Oracle Reports Developer, attacks may significantly impact
additional products. Successful attacks of this vulnerability can
result in unauthorized update, insert or delete access to some of
Oracle Reports Developer accessible data as well as unauthorized read
access to a subset of Oracle Reports Developer accessible data. CVSS
3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS
Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).
A Full Description is available for this threat, please sign in for access to Full Description.
Attack Data
Attack Data is available for this threat, please sign in for access to Attack Data.
CVSS Information
CVSS Information is available for this threat, please sign in for access to CVSS Information.
Date
Date Information is available for this threat, please sign in for access to Date Information.
External Resources
External resources are available for this threat, please sign in for access to external resources.
Security Rule
A security rule is available to identify this threat, please sign in for access to security rules.
Permalink
Link directly to this page.
http://www.idappcom.com/db/?18811
© 2024 by IDappcom. Privacy policy. IDappcom Ltd, 6 Rural Enterprise Centre, Ludlow, Shropshire, SY8 1FF.