CVE-2007-0290 — Oracle E-business Suite vulnerability

CWE-2644 documents4 sources

Severity

5.5MEDIUMNVD

EPSS

1.8%

top 17.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite

Timeline

PublishedJan 17

Latest updateMay 1

Description

Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.10CU2 have unknown impact and attack vectors related to (1) Application Object Library (APPS01), (2) Human Resources (APPS03), (3) Payables (APPS04), (4) Trading Community Architecture (APPS05), and (5) Web Applications Desktop Integrator (APPS06).

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages1 packages

▶NVDoracle/e-business_suite11.5.10.2

Patches

Patch: secunia.com ↗Patch: www.us-cert.gov ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-x3f8-9pw6-9v28: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11↗2022-05-01

▶

CVEList

CVE-2007-0290: Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11↗2007-01-17

▶

📋Vendor Advisories

Cisco

Local Privilege Escalation Vulnerabilities in Cisco VPN Client↗2007-08-15

▶