Vulnerabilities > CVE-2013-3749 - Unspecified vulnerability in Oracle E-Business Suite 11.5.10.2/12.0.6/12.1.3

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
oracle
nessus
NVD
Published: 2013-07-17
Updated: 2024-11-21

Summary

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to storage of credentials in the (1) FND_LOG_MESSAGES database table or (2) log files by "native login pages."

Vulnerable Configurations

Part Description Count
Application
Oracle
3

Nessus

NASL familyMisc.
NASL idORACLE_E-BUSINESS_CPU_JUL_2013.NASL
descriptionThe version of Oracle E-Business installed on the remote host is missing the July 2013 Critical Patch Update (CPU). It is, therefore, affected by security issues in the following components : - Oracle Landed Cost Management - Oracle Application Object Library - Oracle Applications Technology Stack - Oracle iSupplier Portal - Oracle Applications Technology Stack
last seen2020-06-01
modified2020-06-02
plugin id70178
published2013-09-27
reporterThis script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/70178
titleOracle E-Business (July 2013 CPU)

References