2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3440 — Oracle Customer_interaction_history: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3440

Vulnerability in the Oracle Customer Interaction History component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Customer Interaction History. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Customer Interact CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3439 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3439

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3438 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3438

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3437 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3437

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3436 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3436

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3435 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3435

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3433 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3433

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
728 × 90 / responsive · programmatic ad slot
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3431 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3431

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3430 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3430

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3429 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3429

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3428 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3428

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3427 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3427

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3426 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3426

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3425 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3425

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3424 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3424

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3423 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3423

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3422 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3422

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3421 — Oracle One-to-one_fulfillment: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3421

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Orac CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3420 — Oracle Customer_relationship_management_technical_foundation: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3420

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may signi CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3419 — Oracle Customer_relationship_management_technical_foundation: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3419

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may signi CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3418 — Oracle Customer_relationship_management_technical_foundation: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3418

Vulnerability in the Oracle CRM Technical Foundation component of Oracle E-Business Suite (subcomponent: User Interface). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may signi CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3417 — Oracle Universal_work_queue: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3417

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle U CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3416 — Oracle Universal_work_queue: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3416

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle U CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3415 — Oracle Universal_work_queue: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3415

Vulnerability in the Oracle Universal Work Queue component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle U CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score
2017-01-27
2017-01-27 22:59Z
HIGH

CVE-2017-3414 — Oracle Advanced_outbound_telephony: Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

NVD (auto-promoted CVEs)·nvd.nist.govCVE-2017-3414

Vulnerability in the Oracle Advanced Outbound Telephony component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks require human interaction from a person other than the attacker and while the vulnerability CVSSv3.1 8.2 (HIGH)

VNDOracleVNDVulnerabilityTYPVulnerability
8.2
CVSS v3.1
91
Edit Score