Vulnerabilities > CVE-2014-2400 - Cross-Site Scripting vulnerability in Oracle Fusion Middleware 2.2.2

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
oracle
NVD
Published: 2014-04-16
Updated: 2018-10-09

Summary

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2399. Per: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html "Please refer to My Oracle Support Note 1629648.1 for instructions on how to address this issue."

Vulnerable Configurations

Part Description Count
Application
Oracle
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/127223/rt-sa-2013-003.txt
idPACKETSTORM:127223
last seen2016-12-05
published2014-06-25
reporterredteam-pentesting.de
sourcehttps://packetstormsecurity.com/files/127223/Endeca-Latitude-2.2.2-Cross-Site-Scripting.html
titleEndeca Latitude 2.2.2 Cross Site Scripting

References