Oracle Commerce Experience Manager vulnerabilities
5 known vulnerabilities affecting oracle/commerce_experience_manager.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2021-2348MEDIUMCVSS 4.3v11.3.1.52021-07-21
CVE-2021-2348 [MEDIUM] CVE-2021-2348: Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of O
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Expe
nvd
CVE-2021-2345MEDIUMCVSS 5.4v11.3.1.52021-07-21
CVE-2021-2345 [MEDIUM] CVE-2021-2345: Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of O
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Expe
nvd
CVE-2021-2346MEDIUMCVSS 5.4v11.3.1.52021-07-21
CVE-2021-2346 [MEDIUM] CVE-2021-2346: Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of O
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Expe
nvd
CVE-2020-14536HIGHCVSS 7.4≥ 11.0, < 11.3.12020-07-15
CVE-2020-14536 [HIGH] CVE-2020-14536: Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of O
Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Workbench). Supported versions that are affected are 11.0, 11.1, 11.2 and prior to 11.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search / O
nvd
CVE-2020-2604HIGHCVSS 8.1v11.3.22020-01-15
CVE-2020-2604 [HIGH] CWE-502 CVE-2020-2604: Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embed
nvd