Vulnerabilities > CVE-2013-0397 - Security Bypass vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.3

047910
CVSS 6.4 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
oracle
exploit available
NVD
Published: 2013-01-17
Updated: 2014-03-16

Summary

Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Diagnostics.

Vulnerable Configurations

Part Description Count
Application
Oracle
3

Exploit-Db

descriptionOracle Application Framework Diagnostic Mode Bypass Vulnerability. CVE-2013-0397. Webapps exploit for jsp platform
idEDB-ID:24158
last seen2016-02-02
modified2013-01-16
published2013-01-16
reporterTrustwave's SpiderLabs
sourcehttps://www.exploit-db.com/download/24158/
titleOracle Application Framework Diagnostic Mode Bypass Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/119574/TWSL2012-023.txt
idPACKETSTORM:119574
last seen2016-12-05
published2013-01-16
reporterDavid Byrne
sourcehttps://packetstormsecurity.com/files/119574/Oracle-Application-Framework-Diagnostic-Mode-Bypass.html
titleOracle Application Framework Diagnostic Mode Bypass

Seebug

bulletinFamilyexploit
descriptionNo description provided by source.
idSSV:77891
last seen2017-11-19
modified2014-07-01
published2014-07-01
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-77891
titleOracle Application Framework Diagnostic Mode Bypass Vulnerability

References