Oracle E-Business Suite vulnerabilities

327 known vulnerabilities affecting oracle/e-business_suite.

Total CVEs: 327
CISA KEV: 1 (actively exploited)
Public exploits: 5
Exploited in wild: 1
Severity breakdown: CRITICAL 54, HIGH 47, MEDIUM 184, LOW 42

Vulnerabilities

Page 3 of 17
CVE-2019-2485 | MEDIUM | CVSS 4.7 | v12.1.1, v12.1.2 +7 more | 2019-01-16
CVE-2019-2485 [MEDIUM]: Vulnerability in the Oracle Mobile Field Service component of Oracle E-Business Suite (subcomponent: Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Mobile Field
nvd
CVE-2019-2488 | MEDIUM | CVSS 5.3 | v12.1.3, v12.2.3 +5 more | 2019-01-16
CVE-2019-2488 [MEDIUM]: Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Session Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Founda
nvd
CVE-2019-2396 | MEDIUM | CVSS 4.7 | v12.1.3, v12.2.3 +5 more | 2019-01-16
CVE-2019-2396 [MEDIUM]: Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: Messages). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Succ
nvd
CVE-2019-2491 | MEDIUM | CVSS 4.7 | v12.1.1, v12.1.2 +7 more | 2019-01-16
CVE-2019-2491 [MEDIUM]: Vulnerability in the Oracle Email Center component of Oracle E-Business Suite (subcomponent: Message Display). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Email Center. Succe
nvd
CVE-2019-2546 | MEDIUM | CVSS 4.3 | v12.1.1, v12.1.2 +7 more | 2019-01-16
CVE-2019-2546 [MEDIUM]: Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: SQL Extensions). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications
nvd
CVE-2018-2934 | MEDIUM | CVSS 5.3 | v12.1.3 | 2018-07-18
CVE-2018-2934 [MEDIUM] CWE-665: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments / File Upload). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of thi
nvd
CVE-2018-2804 | HIGH | CVSS 7.4 | v12.1.3, v12.2.3 +4 more | 2018-04-19
CVE-2018-2804 [HIGH]: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: DB Privileges). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Suc
nvd
CVE-2018-2865 | MEDIUM | CVSS 5.3 | v12.1.1, v12.1.2 +6 more | 2018-04-19
CVE-2018-2865 [MEDIUM]: Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Le
nvd
CVE-2018-2864 | MEDIUM | CVSS 5.3 | v12.1.3, v12.2.3 +4 more | 2018-04-19
CVE-2018-2864 [MEDIUM]: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Succe
nvd
CVE-2018-2873 | MEDIUM | CVSS 5.3 | v12.1.1, v12.1.2 +6 more | 2018-04-19
CVE-2018-2873 [MEDIUM]: Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger.
nvd
CVE-2018-2872 | MEDIUM | CVSS 5.3 | v12.1.1, v12.1.2 +6 more | 2018-04-19
CVE-2018-2872 [MEDIUM]: Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger.
nvd
CVE-2018-2874 | MEDIUM | CVSS 4.3 | v12.1.3 | 2018-04-19
CVE-2018-2874 [MEDIUM]: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Succe
nvd
CVE-2018-2867 | MEDIUM | CVSS 5.3 | v12.1.3, v12.2.3 +4 more | 2018-04-19
CVE-2018-2867 [MEDIUM]: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Succe
nvd
CVE-2018-2866 | MEDIUM | CVSS 5.3 | v12.1.1, v12.1.2 +6 more | 2018-04-19
CVE-2018-2866 [MEDIUM]: Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Le
nvd
CVE-2018-2656 | CRITICAL | CVSS 9.1 | v12.1.1, v12.1.2 +6 more | 2018-01-18
CVE-2018-2656 [CRITICAL]: Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle General Ledger. Succ
nvd
CVE-2018-2635 | MEDIUM | CVSS 4.8 | v12.1.3, v12.2.3 +4 more | 2018-01-18
CVE-2018-2635 [MEDIUM]: Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Login). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successfu
nvd
CVE-2018-2684 | MEDIUM | CVSS 4.9 | v12.1.3, v12.2.3 +4 more | 2018-01-18
CVE-2018-2684 [MEDIUM]: Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle User Management. Successful attacks
nvd
CVE-2017-3515 | MEDIUM | CVSS 5.4 | v12.1.3, v12.2.3 +3 more | 2017-04-24
CVE-2017-3515 [MEDIUM]: Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: User Name/Password Management). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle User Management. Successful atta
nvd
CVE-2016-3520 | MEDIUM | CVSS 4.9 | v12.1.3, v12.2.3 +2 more | 2016-07-21
CVE-2016-3520 [MEDIUM]: Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote administrators to affect confidentiality via vectors related to AOL Diagnostic tests.
nvd
CVE-2016-3524 | MEDIUM | CVSS 5.4 | v12.1.3, v12.2.3 +2 more | 2016-07-21
CVE-2016-3524 [MEDIUM]: Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration.
nvd