Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vulnerability in the Oracle Configurator component of Oracle Supply Chain Products Suite (subcomponent: Active Model Generation). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Configurator. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Configurator accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Oracle Supply Chain Products Suite Configurator 访问控制错误漏洞
Vulnerability Description
Oracle Supply Chain Products Suite是美国甲骨文(Oracle)公司的一套供应链解决方案。该产品提供价值链计划、价值链执行、产品生命周期管理等功能。Configurator是其中的一个集成了订单管理、报价和销售的配置组件。 Oracle Supply Chain Products Suite中的Configurator组件12.1版本和12.2版本的Active Model Generation子组件存在安全漏洞。攻击者可利用该漏洞未授权访问数据,影响数据的保密性。
CVSS Information
N/A
Vulnerability Type
N/A