CVE-2019-2487

Name of the Vulnerable Software and Affected Versions Oracle Transportation Management versions 6.3.7, 6.4.1, 6.4.2, and 6.4.3

Description The issue is related to inadequate access control in the UI Infrastructure component of Oracle Transportation Management, allowing a low-privileged attacker with network access via HTTP to compromise the system. Successful attacks can result in unauthorized creation, deletion, or modification of critical data. The vulnerability can be exploited remotely using the HTTP protocol.

Recommendations For versions 6.3.7, 6.4.1, 6.4.2, and 6.4.3, update to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.