Vulnerabilities > CVE-2014-4248 - Local Security vulnerability in Oracle E-Business Suite
Attack vector
LOCAL Attack complexity
HIGH Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, and 12.2.3 allows local users to affect confidentiality via unknown vectors related to Logging.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 5 |
Nessus
| NASL family | Misc. |
| NASL id | ORACLE_E-BUSINESS_CPU_JUL_2014.NASL |
| description | The version of Oracle E-Business installed on the remote host is missing the July 2014 Critical Patch Update (CPU). It is, therefore, affected by vulnerabilities in the following components : - Oracle Applications Technology Stack - Oracle Concurrent Processing - Oracle Applications Manager - Oracle iStore - Oracle Applications Object Library |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 76596 |
| published | 2014-07-18 |
| reporter | This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/76596 |
| title | Oracle E-Business (July 2014 CPU) |
References
- http://seclists.org/fulldisclosure/2014/Dec/23
- http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
- http://www.securityfocus.com/archive/1/534161/100/0/threaded
- http://www.securityfocus.com/bid/68653
- http://www.vmware.com/security/advisories/VMSA-2014-0012.html
- https://exchange.xforce.ibmcloud.com/vulnerabilities/94573