N/A

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Commerce Guided Search accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

N/A

Oracle Commerce 输入验证错误漏洞

Oracle Commerce是美国甲骨文（Oracle）公司的一套电子商务解决方案。 Oracle Commerce 的 Oracle Commerce Guided Search 存在输入验证错误漏洞，该漏洞允许未经身份验证的攻击者通过 HTTP 进行网络访问，从而破坏 Oracle Commerce Guided Search。成功攻击此漏洞可能导致未经授权访问关键数据或完全访问所有 Oracle Commerce Guided Search 可访问数据。

N/A

N/A