CVE-2015-1926 — Oracle E-business Suite vulnerability

10 documents5 sources

Severity

5.5MEDIUMNVD

EPSS

0.2%

top 57.59%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite Oracle Fusion Middleware

Timeline

PublishedJul 16

Latest updateMay 17

Description

Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.8.0 and 11.1.1.9.0, and the Oracle Applications Framework component in Oracle E-Business Suite 12.2.3 and 12.2.4, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Portal.

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 8.0 | Impact: 4.9

Affected Packages2 packages

▶NVDoracle/e-business_suite12.2.3, 12.2.4+1

▶NVDoracle/fusion_middleware11.1.1.8.0, 11.1.1.9.0+1

🔴Vulnerability Details

GHSA

GHSA-fp36-f4xw-x2j7: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11↗2022-05-17

▶

CVEList

CVE-2015-1926: Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11↗2015-07-16

▶

📋Vendor Advisories

Red Hat

spec: Information disclosure via missing access restriction in resource dispatching↗2015-07-30

▶

💬Community

Bugzilla

CVE-2015-4908 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)↗2015-10-21

▶

Bugzilla

CVE-2015-4901 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)↗2015-10-21

▶

Bugzilla

CVE-2015-4906 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)↗2015-10-21

▶

Bugzilla

CVE-2015-4916 Oracle JDK: unspecified vulnerability fixed in 8u65 (JavaFX)↗2015-10-21

▶

Bugzilla

CVE-2015-4810 Oracle JDK: unspecified vulnerability fixed in 7u91 and 8u65 (Deployment)↗2015-10-21

▶