Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Application Framework). Supported versions that are affected are 11.0.0, 11.1.0, 11.2.0 and 11.3.0-11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Platform. Successful attacks of this vulnerability can result in takeover of Oracle Commerce Platform. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Oracle Commerce 输入验证错误漏洞
Vulnerability Description
Oracle Commerce是美国甲骨文(Oracle)公司的一套电子商务解决方案。 Oracle Commerce的Oracle Commerce平台产品(组件:Dynamo Application Framework)存在输入验证错误漏洞,该漏洞允许未经身份验证的攻击者通过HTTP网络访问破坏Oracle Commerce平台。受影响的版本为11.0.0、11.1.0、11.2.0和11.3.0-11.3.2。
CVSS Information
N/A
Vulnerability Type
N/A