Oracle Common Applications 12.1.3
Approved changes feed: RSS · Atom
cpe:2.3:a:oracle:common_applications:12.1.3:*:*:*:*:*:*:*
part: a version: 12.1.3 update: *
| Vendor | Oracle (3509f9eb-d8a0-57da-b153-b8021021b133) |
|---|---|
| Product | Common Applications (7891dcaf-36ca-5254-9df2-deb2781451e2) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2020-14717 |
vulnerable | 2026-06-03 14:41:44.614319 |
Details available
MEDIUM (4.7)
Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS 3.1 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).
Published: 2020-07-15T17:34:35.000Z
Updated: 2024-09-26T20:37:05.858Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14716 |
vulnerable | 2026-06-03 14:41:44.613869 |
Details available
MEDIUM (4.7)
Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS 3.1 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).
Published: 2020-07-15T17:34:35.000Z
Updated: 2024-09-26T20:37:15.372Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-14688 |
vulnerable | 2026-06-03 14:41:44.577145 |
Details available
HIGH (8.2)
Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS 3.1 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).
Published: 2020-07-15T17:34:34.000Z
Updated: 2024-09-26T20:42:39.038Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2019-2665 |
vulnerable | 2026-06-03 14:40:20.742870 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: CRM User Management Framework). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).
Published: 2019-04-23T18:16:43.000Z
Updated: 2024-10-02T15:41:59.648Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3443 |
vulnerable | 2026-06-03 14:37:15.207228 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).
Published: 2017-01-27T22:01:00.000Z
Updated: 2024-10-08T20:13:43.090Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3328 |
vulnerable | 2026-06-03 14:37:14.963839 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Resources Module). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).
Published: 2017-01-27T22:01:00.000Z
Updated: 2024-10-08T20:27:47.468Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3327 |
vulnerable | 2026-06-03 14:37:14.961115 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Resources Module). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).
Published: 2017-01-27T22:01:00.000Z
Updated: 2024-10-08T20:28:04.923Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-3326 |
vulnerable | 2026-06-03 14:37:14.958394 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Role Summary). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).
Published: 2017-01-27T22:01:00.000Z
Updated: 2024-10-08T20:28:15.992Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-10330 |
vulnerable | 2026-06-03 14:36:26.554010 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: Gantt Server). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Common Applications accessible data as well as unauthorized access to critical data or complete access to all Oracle Common Applications accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).
Published: 2017-10-19T17:00:00.000Z
Updated: 2024-10-04T16:51:20.766Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-10113 |
vulnerable | 2026-06-03 14:36:26.083423 |
Details available
Vulnerability in the Oracle Common Applications component of Oracle E-Business Suite (subcomponent: CRM User Management Framework). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Common Applications. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Common Applications, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Common Applications accessible data as well as unauthorized update, insert or delete access to some of Oracle Common Applications accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).
Published: 2017-08-08T15:00:00.000Z
Updated: 2024-10-04T19:02:45.123Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-5575 |
vulnerable | 2026-06-03 14:35:55.388185 |
Details available
Unspecified vulnerability in the Oracle Common Applications Calendar component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows remote attackers to affect confidentiality via vectors related to Resources Module.
Published: 2016-10-25T14:00:00.000Z
Updated: 2024-10-10T18:24:23.683Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-0562 |
vulnerable | 2026-06-03 14:35:21.508643 |
Details available
Unspecified vulnerability in the Oracle Common Applications component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via vectors related to CRM User Management Framework.
Published: 2016-01-21T02:00:00.000Z
Updated: 2024-08-05T22:22:55.670Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.