CVE-2015-4848 — Oracle Supply Chain Products Suite vulnerability

4 documents4 sources

Severity

5.0MEDIUMNVD

EPSS

0.3%

top 44.82%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Supply Chain Products Suite

Timeline

PublishedOct 21

Latest updateMay 17

Description

Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12.0.6, 12.1.3, 12.2.3, and 12.2.4 allows remote attackers to affect confidentiality via unknown vectors related to Integration with Peoplesoft.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDoracle/supply_chain_products_suite4 versions+3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-fq8m-6f3h-7q3c: Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12↗2022-05-17

▶

CVEList

CVE-2015-4848: Unspecified vulnerability in the Oracle Configurator component in Oracle Supply Chain Products Suite 12↗2015-10-21

▶

💥Exploits & PoCs

Exploit-DB

Oracle GlassFish Server 4.1 - Directory Traversal↗2015-08-27

▶