CVE-2015-2652 — Oracle E-business Suite vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 41.33%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle E-business Suite

Timeline

PublishedJul 16

Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.1, 12.1.2, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect integrity via unknown vectors related to Web Management.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDoracle/e-business_suite8 versions+7

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-9q8q-wch4-f92g: Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11↗2022-05-17

▶

CVEList

CVE-2015-2652: Unspecified vulnerability in the Oracle Marketing component in Oracle E-Business Suite 11↗2015-07-16

▶

💬Community

Bugzilla

CVE-2015-8604 cacti: SQL injection in graps_new.php via cg_g parameter↗2016-01-05

▶