Oracle Trade Management up to 12.1.3/12.2.10 User Interface

Summaryinfo

A vulnerability was found in Oracle Trade Management up to 12.1.3/12.2.10. It has been classified as critical. Impacted is an unknown function of the component User Interface. The manipulation leads to an unknown weakness. This vulnerability is documented as CVE-2020-14808. The attack can be initiated remotely. There is not any exploit available. Upgrading the affected component is recommended.

Detailsinfo

A vulnerability, which was classified as critical, has been found in Oracle Trade Management up to 12.1.3/12.2.10. This issue affects an unknown code block of the component User Interface. Impacted is confidentiality, and integrity.

The weakness was released 10/20/2020 as Oracle Critical Patch Update Advisory - October 2020. It is possible to read the advisory at oracle.com. The identification of this vulnerability is CVE-2020-14808. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. It demands that the victim is doing some kind of user interaction. The technical details are unknown and an exploit is not publicly available.

Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Vendor

• Oracle

Name

• Trade Management

Version

• 12.1.0
• 12.1.1
• 12.1.2
• 12.1.3
• 12.2.0
• 12.2.1
• 12.2.2
• 12.2.3
• 12.2.4
• 12.2.5
• 12.2.6
• 12.2.7
• 12.2.8
• 12.2.9
• 12.2.10

License

• commercial

Website

• Vendor: https://www.oracle.com

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion