PT-2015-3873 · Oracle · Oracle E-Business Suite
Published
2015-01-21
·
Updated
2016-06-24
·
CVE-2014-6556
CVSS v2.0
4.6
Medium
| Vector | AV:N/AC:H/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Oracle E-Business Suite versions 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, 12.2.4
Description
The issue affects confidentiality, integrity, and availability. It can be exploited by remote authenticated users via vectors related to AD DDL.
Recommendations
For Oracle E-Business Suite version 11.5.10.2, update to a version that includes the fix for this issue.
For Oracle E-Business Suite version 12.0.6, update to a version that includes the fix for this issue.
For Oracle E-Business Suite version 12.1.3, update to a version that includes the fix for this issue.
For Oracle E-Business Suite version 12.2.2, update to a version that includes the fix for this issue.
For Oracle E-Business Suite version 12.2.3, update to a version that includes the fix for this issue.
For Oracle E-Business Suite version 12.2.4, update to a version that includes the fix for this issue.
As a temporary workaround, consider restricting access to the AD DDL component until a patch is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Oracle E-Business Suite