Vulnerabilities > CVE-2014-0371 - Cross-Site Scripting vulnerability in Oracle products

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

PARTIAL

Availability impact

NONE

network

oracle

NVD

Published: 2014-01-15

Updated: 2014-02-07

Summary

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0.x, 7.3.1.x, 12.2.0, 12.2.1, and 12.2.2 allows remote authenticated users to affect integrity via unknown vectors related to DM Others.

Vulnerable Configurations

Part	Description	Count
Application	Oracle Oracle Supply Chain Products Suite 7.2.0.3 Oracle Supply Chain Products Suite SQL Server 7.3.0 Oracle Supply Chain Products Suite SQL Server 7.3.1 Oracle Supply Chain Products Suite SQL Server 12.2.0 Oracle Supply Chain Products Suite SQL Server 12.2.1 Oracle Supply Chain Products Suite SQL Server 12.2.2	6

Packetstorm

data source	https://packetstormsecurity.com/files/download/125485/oracledemantra-xss.txt
id	PACKETSTORM:125485
last seen	2016-12-05
published	2014-03-02
reporter	Oliver Gruskovnjak
source	https://packetstormsecurity.com/files/125485/Oracle-Demantra-12.2.1-Reflective-Cross-Site-Scripting.html
title	Oracle Demantra 12.2.1 Reflective Cross Site Scripting

Summary

Vulnerable Configurations

Packetstorm

References