Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vulnerability in the Oracle Advanced Supply Chain Planning product of Oracle Supply Chain (component: Core). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Advanced Supply Chain Planning. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Advanced Supply Chain Planning accessible data as well as unauthorized access to critical data or complete access to all Oracle Advanced Supply Chain Planning accessible data. CVSS 3.1 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
N/A
Vulnerability Title
Oracle Advanced Supply Chain Planning 输入验证错误漏洞
Vulnerability Description
Oracle Advanced Supply Chain Planning是美国Oracle公司的一个应用软件。提供一个全面的,基于Internet的计划解决方案,它决定在扩展的供应链中何时以及在何处部署供应品。 Oracle Advanced Supply Chain Planning Core 12.1, 12.2 存在输入验证错误漏洞,该漏洞允许未经身份验证的攻击者通过HTTP进行网络访问,从而破坏Oracle高级供应链计划。
CVSS Information
N/A
Vulnerability Type
N/A