CVE-2019-2719Oracle Knowledge Management vulnerability

3 documents3 sources
Severity
6.1MEDIUMNVD
EPSS
0.8%
top 26.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Knowledge ManagementOracle Corporation Knowledge
Timeline
PublishedApr 23
Latest updateMay 24

Description

Vulnerability in the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: Web Applications (InfoCenter)). Supported versions that are affected are 8.5.1.0 - 8.5.1.7, 8.6.0 and 8.6.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge, attacks may significantly impact additional pr

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

Affected Packages2 packages

NVDoracle/knowledge_management8.5.1.08.5.1.7+2
CVEListV5oracle_corporation/knowledge8.5.1.0 - 8.5.1.7, 8.6.0, 8.6.1+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-x9pc-w5jc-9r92: Vulnerability in the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: Web Applications (InfoCenter))2022-05-24
CVEList
CVE-2019-2719: Vulnerability in the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: Web Applications (InfoCenter))2019-04-23
CVE-2019-2719 — Oracle vulnerability | cvebase