CVE-2017-3255 in JDeveloperinfo

Summary

Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. While the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle JDeveloper accessible data. CVSS v3.0 Base Score 5.8 (Confidentiality impacts).

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

12/06/2016

Disclosure

01/27/2017

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

IDVulnerabilityCWEExpCouCVE
95570Oracle JDeveloper ADF Faces information disclosure200Not definedOfficial fixCVE-2017-3255

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!