Design/Logic Flaw

2019-10-1618:15:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

High

0.076 Low

EPSS

Percentile

94.2%

JSON

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CPENameOperatorVersion
application_testing_suiteeq12.5.0.3
application_testing_suiteeq13.1.0.1
application_testing_suiteeq13.2.0.1
application_testing_suiteeq13.3.0.1
banking_enterprise_collectionseq2.7.0
banking_enterprise_collectionseq2.8.0
banking_enterprise_originationseq2.8.0
banking_enterprise_originationseq2.7.0
banking_enterprise_product_manufacturingeq2.7.0
banking_enterprise_product_manufacturingeq2.8.0

Name	Operator	Version
application_testing_suite	eq	12.5.0.3
application_testing_suite	eq	13.1.0.1
application_testing_suite	eq	13.2.0.1
application_testing_suite	eq	13.3.0.1
banking_enterprise_collections	eq	2.7.0
banking_enterprise_collections	eq	2.8.0
banking_enterprise_originations	eq	2.8.0
banking_enterprise_originations	eq	2.7.0
banking_enterprise_product_manufacturing	eq	2.7.0
banking_enterprise_product_manufacturing	eq	2.8.0