CVE-2006-5355 — Oracle Application Server vulnerability

3 documents3 sources

Severity

10.0CRITICALNVD

EPSS

0.8%

top 26.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server Oracle Collaboration Suite Oracle E-business Suite

Timeline

PublishedOct 18

Latest updateMay 1

Description

Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.1.0, Collaboration Suite 9.0.4.2 and 10.1.2, and Oracle E-Business Suite and Applications 11.5.10CU2 has unknown impact and remote attack vectors, aka Vuln# SSO01.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶NVDoracle/e-business_suite11.5.10.2

▶NVDoracle/application_server10.1.2.0.2, 10.1.2.1.0, 9.0.4.3+2

▶NVDoracle/collaboration_suite10.1.2, 9.0.4.2+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-68m3-75v4-w8wp: Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9↗2022-05-01

▶

CVEList

CVE-2006-5355: Unspecified vulnerability in Oracle Single Sign-On component in Oracle Application Server 9↗2006-10-18

▶