Lucene search
PRIOn knowledge basePRION:CVE-2021-2290HistoryApr 22, 2021 - 10:15 p.m.
Design/Logic Flaw
2021-04-2222:15:00
PRIOn knowledge base
www.prio-n.com
3
Vulnerability in the Oracle Engineering product of Oracle E-Business Suite (component: Change Management). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Engineering. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Engineering accessible data as well as unauthorized access to critical data or complete access to all Oracle Engineering accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).
| CPE | Name | Operator | Version |
|---|---|---|---|
| engineering | ge | 12.2.3 | |
| engineering | le | 12.2.10 | |
| engineering | ge | 12.1.1 | |
| engineering | le | 12.1.3 |
Related
cvelist
cvelist
CVE-2021-2290
2021-04-22 21:54:00
cve
cve
CVE-2021-2290
2021-04-22 22:15:16
nvd
nvd
CVE-2021-2290
2021-04-22 22:15:16
threatpost
threatpost
F5, CISA Warn of Critical BIG-IP and BIG-IQ RCE Bugs
2021-03-11 14:21:50
nessus
nessus
Oracle E-Business Suite Multiple Vulnerabilities (April 2021 CPU)
2021-04-23 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00