PT-2017-16005 · Oracle · Oracle Commerce Guided Search+1

Publicado

2017-04-24

Atualizado

2019-10-03

CVE-2017-3572

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Oracle Commerce Guided Search / Oracle Commerce Experience Manager versions 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2

Description The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Experience Manager. Successful attacks can result in unauthorized ability to cause a hang or frequently repeatable crash of Oracle Commerce Guided Search / Oracle Commerce Experience Manager.

Recommendations For versions 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2017-3572

Produtos afetados

Oracle Commerce Experience Manager

Oracle Commerce Guided Search

PT-2017-16005 · Oracle · Oracle Commerce Guided Search+1

CVE-2017-3572

Identificadores relacionados

Produtos afetados

Referências · 4