Summaryinfo

A vulnerability was found in Oracle Marketing up to 12.2.8 and classified as critical. Affected by this issue is some unknown functionality of the component Marketing Administration. The manipulation leads to an unknown weakness. This vulnerability is handled as CVE-2019-2604. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Detailsinfo

A vulnerability has been found in Oracle Marketing up to 12.2.8 (Marketing Software) and classified as critical. Affected by this vulnerability is an unknown code block of the component Marketing Administration. As an impact it is known to affect confidentiality, and integrity.

The weakness was disclosed 04/16/2019 as Oracle Critical Patch Update Advisory - April 2019 as confirmed advisory (Website). The advisory is shared at oracle.com. This vulnerability is known as CVE-2019-2604. It demands that the victim is doing some kind of user interaction. Neither technical details nor an exploit are publicly available.

Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

The entries VDB-133580, VDB-133572, VDB-133573 and VDB-133574 are pretty similar. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Type

• Marketing Software

Vendor

• Oracle

Name

• Marketing

Version

• 12.1.1
• 12.1.2
• 12.1.3
• 12.2.3
• 12.2.4
• 12.2.5
• 12.2.6
• 12.2.7
• 12.2.8

License

• commercial

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion