CVE-2014-4281Hard-coded Credentials in Oracle E-business Suite

CWE-798Hard-coded Credentials4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.4%
top 42.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle E-business Suite
Timeline
PublishedOct 15
Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Portal Integration.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

NVDoracle/e-business_suite5 versions+4

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-hc25-89p7-mgjf: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 122022-05-17
CVEList
CVE-2014-4281: Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 122014-10-15

📋Vendor Advisories

1
Red Hat
openshift-origin-broker: default password creation2014-05-14
CVE-2014-4281 — Hard-coded Credentials in Oracle | cvebase