CVE-2009-3407

3 documents3 sources

Severity

4.3MEDIUM

EPSS

3.1%

top 13.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Application Server

Timeline

PublishedOct 22

Latest updateMay 2

Description

Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.2.3 and 10.1.4.2 allows remote attackers to affect integrity via unknown vectors, a different vulnerability than CVE-2009-0974 and CVE-2009-0983.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDoracle/application_server10.1.2.3, 10.1.4.2+1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-93qv-2hpr-4mmc: Unspecified vulnerability in the Portal component in Oracle Application Server 10↗2022-05-02

▶

CVEList

CVE-2009-3407: Unspecified vulnerability in the Portal component in Oracle Application Server 10↗2009-10-22

▶