CVE-2020-14544

CWE-200Information Exposure4 documents4 sources
Severity
4.3MEDIUM
EPSS
0.3%
top 46.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle Corporation Transportation ManagementOracle Transportation Management
Timeline
PublishedJul 15
Latest updateMay 24

Description

Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security). The supported version that is affected is 6.4.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Transportation Management. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Transportation Management accessible data. CVSS 3.1 Base Score 4.3 (Confiden

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-v4f9-rmvp-3fj3: Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security)2022-05-24
CVEList
CVE-2020-14544: Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Data, Domain & Function Security)2020-07-15

📋Vendor Advisories

1
Oracle
Oracle Oracle Supply Chain Risk Matrix: Data, Domain & Function Security — CVE-2020-145442020-07-15