PT-2014-5761 · Oracle · Oracle Fusion Middleware+1

Published

2014-07-17

Updated

2018-10-09

CVE-2014-4249

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware version 11.1.1.7

Description The issue affects confidentiality and is related to the Mobile Service in the BI Publisher component. It allows remote attackers to exploit the vulnerability via unknown vectors.

Recommendations For Oracle Fusion Middleware version 11.1.1.7, consider restricting access to the BI Publisher component until a patch is available. As a temporary workaround, limit the use of the Mobile Service to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2014-4249

ZDI-14-257

Affected Products

Bi Publisher

Oracle Fusion Middleware

PT-2014-5761 · Oracle · Oracle Fusion Middleware+1

CVE-2014-4249

Related Identifiers

Affected Products

References · 10