Oracle Web Applications Desktop Integrator vulnerabilities
9 known vulnerabilities affecting oracle/web_applications_desktop_integrator.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH4MEDIUM4
Vulnerabilities
Page 1 of 1
CVE-2024-21048MEDIUMCVSS 4.3≥ 12.2.3, ≤ 12.2.132024-04-16
CVE-2024-21048 [MEDIUM] CWE-611 CVE-2024-21048: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: XML input). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks o
nvd
CVE-2024-20907MEDIUMCVSS 6.1≥ 12.2.3, ≤ 12.2.132024-02-17
CVE-2024-20907 [MEDIUM] CVE-2024-20907: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: File download). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks requ
nvd
CVE-2023-22037MEDIUMCVSS 6.5≥ 12.2.3, ≤ 12.2.122023-07-18
CVE-2023-22037 [MEDIUM] CVE-2023-22037: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: MS Excel Specific). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks r
nvd
CVE-2022-39428CRITICALCVSS 9.8≥ 12.2.3, ≤ 12.2.112022-10-18
CVE-2022-39428 [CRITICAL] CVE-2022-39428: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Upload). Supported versions that are affected are 12.2.3-12.2.11. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful attacks of this v
nvd
CVE-2021-2434HIGHCVSS 8.1≥ 12.2.3, ≤ 12.2.10v12.1.32021-07-21
CVE-2021-2434 [HIGH] CVE-2021-2434: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Application Service). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Web Applications Desktop Integrator. Successful
nvd
CVE-2020-2591HIGHCVSS 8.2v12.1.32020-01-15
CVE-2020-2591 [HIGH] CVE-2020-2591: Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Application Service). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Web Applications Desktop Integrator. Successful attacks require
nvd
CVE-2017-10323HIGHCVSS 8.2v12.1.1v12.1.2+5 more2017-10-19
CVE-2017-10323 [HIGH] CVE-2017-10323: Vulnerability in the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite
Vulnerability in the Oracle Web Applications Desktop Integrator component of Oracle E-Business Suite (subcomponent: Application Service). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Web Appl
nvd
CVE-2016-3522HIGHCVSS 8.2v12.1.3v12.2.3+2 more2016-07-21
CVE-2016-3522 [HIGH] CVE-2016-3522: Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Bu
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Application Service.
nvd
CVE-2016-3523MEDIUMCVSS 4.7v12.1.3v12.2.3+2 more2016-07-21
CVE-2016-3523 [MEDIUM] CVE-2016-3523: Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Bu
Unspecified vulnerability in the Oracle Web Applications Desktop Integrator component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Application Service.
nvd