CVE-2007-2128 — Oracle E-business Suite vulnerability

9 documents3 sources

Severity

9.4CRITICALNVD

NVD9.0NVD7.8CNA10.0CNA9.0

EPSS

1.9%

top 16.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite

Timeline

PublishedApr 18

Latest updateMay 1

Description

Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

▶NVDoracle/e-business_suite11.5.10

🔴Vulnerability Details

GHSA

GHSA-993q-wpwh-rhvq: The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS↗2022-05-01

▶

GHSA

GHSA-vrqh-qwvr-mr23: The APPLSYS↗2022-05-01

▶

GHSA

GHSA-9p38-m4m8-2mfm: Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11↗2022-05-01

▶

CVEList

CVE-2007-2170: The APPLSYS↗2007-04-24

▶

CVEList

CVE-2007-2135: The ADI_BINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS↗2007-04-24

▶