Oracle Istore vulnerabilities
42 known vulnerabilities affecting oracle/istore.
Total CVEs
42
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH32MEDIUM10
Vulnerabilities
Page 2 of 3
CVE-2021-2089HIGHCVSS 8.2≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.102021-01-20
CVE-2021-2089 [HIGH] CVE-2021-2089: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Runtime Catalog).
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Runtime Catalog). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other t
nvd
CVE-2021-2096HIGHCVSS 8.2≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.102021-01-20
CVE-2021-2096 [HIGH] CVE-2021-2096: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Su
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other th
nvd
CVE-2021-2059MEDIUMCVSS 5.3≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.102021-01-20
CVE-2021-2059 [MEDIUM] CVE-2021-2059: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Web interface). Su
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Web interface). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulnerability can result in unauthoriz
nvd
CVE-2020-14582HIGHCVSS 8.2≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.92020-07-15
CVE-2020-14582 [HIGH] CWE-79 CVE-2020-14582: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Registration)
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Registration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a per
nvd
CVE-2020-14596HIGHCVSS 8.2≥ 12.1.1, ≤ 12.1.32020-07-15
CVE-2020-14596 [HIGH] CWE-79 CVE-2020-14596: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Address Book). Sup
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Address Book). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the atta
nvd
CVE-2020-2810MEDIUMCVSS 4.7≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.92020-04-15
CVE-2020-2810 [MEDIUM] CVE-2020-2810: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Su
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other t
nvd
CVE-2020-2582HIGHCVSS 8.2≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.92020-01-15
CVE-2020-2582 [HIGH] CVE-2020-2582: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Su
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iStore. Successful attacks require human interaction from a person other th
nvd
CVE-2019-2990HIGHCVSS 8.2≥ 12.1.1, ≤ 12.1.3≥ 12.2.3, ≤ 12.2.92019-10-16
CVE-2019-2990 [HIGH] CVE-2019-2990: Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Order Tracker). Su
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Order Tracker). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other tha
nvd
CVE-2019-2652HIGHCVSS 8.2v12.1.1v12.1.2+7 more2019-04-23
CVE-2019-2652 [HIGH] CVE-2019-2652: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks re
nvd
CVE-2018-3188HIGHCVSS 8.2v12.1.1v12.1.2+6 more2018-10-17
CVE-2018-3188 [HIGH] CVE-2018-3188: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Web interface
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Web interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require hu
nvd
CVE-2018-3018HIGHCVSS 8.2v12.1.1v12.1.2+6 more2018-07-18
CVE-2018-3018 [HIGH] CVE-2018-3018: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require hu
nvd
CVE-2018-2995HIGHCVSS 8.2v12.1.1v12.1.2+6 more2018-07-18
CVE-2018-2995 [HIGH] CVE-2018-2995: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require hu
nvd
CVE-2018-2994MEDIUMCVSS 5.3v12.1.1v12.1.2+6 more2018-07-18
CVE-2018-2994 [MEDIUM] CVE-2018-2994: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this
nvd
CVE-2017-10409HIGHCVSS 8.2v12.1.1v12.1.2+6 more2017-10-19
CVE-2017-10409 [HIGH] CVE-2017-10409: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Merchant UI).
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Merchant UI). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require hu
nvd
CVE-2017-10414HIGHCVSS 8.2v12.1.1v12.1.2+6 more2017-10-19
CVE-2017-10414 [HIGH] CVE-2017-10414: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Checkout and
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Checkout and Order Placement). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful at
nvd
CVE-2017-10112HIGHCVSS 8.2v12.1.1v12.1.2+5 more2017-08-08
CVE-2017-10112 [HIGH] CVE-2017-10112: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Registra
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Registration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require huma
nvd
CVE-2017-10130HIGHCVSS 7.6v12.1.1v12.1.2+5 more2017-08-08
CVE-2017-10130 [HIGH] CVE-2017-10130: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Manageme
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Management). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human i
nvd
CVE-2017-10192MEDIUMCVSS 5.3v12.1.1v12.1.2+5 more2017-08-08
CVE-2017-10192 [MEDIUM] CVE-2017-10192: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: Shopping Cart). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of this vulner
nvd
CVE-2017-10186MEDIUMCVSS 5.3v12.1.1v12.1.2+5 more2017-08-08
CVE-2017-10186 [MEDIUM] CVE-2017-10186: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User and Comp
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User and Company Profile). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks of
nvd
CVE-2017-3287HIGHCVSS 8.2v12.1.1v12.1.2+5 more2017-01-27
CVE-2017-3287 [HIGH] CVE-2017-3287: Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Interfac
Vulnerability in the Oracle iStore component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human int
cvelistv5nvd