Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10 CU2 and 12.0.6 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is related to unrestricted guest access to the "About Us Page" in the Oracle Applications Framework (OAF), which allows attackers to obtain sensitive system and application environment information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle E-Business Suite 组件Oracle Applications Framework 未明访问控制安全漏洞
Vulnerability Description
Oracle Database是一款商业性质大型数据库系统。 Oracle E-Business Suite(11.5.10 CU2 , 12.0.6) 组件Oracle Applications Framework 存在未明访问控制安全漏洞。远程认证用户可以通过未明向量影响系统的机密性。 说明:由于在Oracle Applications Framework (OAF)没有限制guest用户访问 "About Us Page",远程攻击者可以获得敏感系统和应用环境变量信息。
CVSS Information
N/A
Vulnerability Type
N/A