CVE-2017-3277

CWE-200Information Exposure5 documents4 sources
Severity
4.9MEDIUM
EPSS
0.3%
top 45.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Oracle Applications Manager
Timeline
PublishedJan 27
Latest updateMay 17

Description

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: OAM Client). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CV

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

CVEListV5oracle/applications_manager5 versions+4
NVDoracle/applications_manager5 versions+4

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-jvqh-386g-wm9g: Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: OAM Client)2022-05-17
CVEList
CVE-2017-3277: Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: OAM Client)2017-01-27

💬Community

2
Bugzilla
CVE-2017-1000200 tcmu-runner: UnregisterHandler D-Bus method in tcmu-runner daemon for internal handler causes DoS2017-08-31
Bugzilla
CVE-2017-1000201 tcmu-runner: UnregisterHandler dbus method in tcmu-runner daemon for non-existing handler causes DoS2017-08-31