CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2021-2023
https://notcve.org/view.php?id=CVE-2021-2023
20 Jan 2021 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Successful attac... • https://www.oracle.com/security-alerts/cpujan2021.html •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14822
https://notcve.org/view.php?id=CVE-2020-14822
21 Oct 2020 — Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Supported versions that are affected are 12.1.1 - 12.1.3 and 12.2.3 - 12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Successful ... • https://www.oracle.com/security-alerts/cpuoct2020.html •
CVSS: 8.2EPSS: 0%CPEs: 3EXPL: 0CVE-2017-3361
https://notcve.org/view.php?id=CVE-2017-3361
27 Jan 2017 — Vulnerability in the Oracle Installed Base component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products. Success... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2016-3534
https://notcve.org/view.php?id=CVE-2016-3534
21 Jul 2016 — Unspecified vulnerability in the Oracle Installed Base component in Oracle E-Business Suite 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect integrity via vectors related to Engineering Change Order. NOTE: the previous information is from the July 2016 CPU. Oracle has not commented on third-party claims that this issue involves an open redirect vulnerability, which allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecifie... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •