CVE-2014-2424

medium

Description

Unspecified vulnerability in the Oracle Event Processing component in Oracle Fusion Middleware 11.1.1.7.0 allows remote authenticated users to affect integrity via vectors related to CEP system.

References

http://www.securityfocus.com/bid/66871

http://www.osvdb.org/105844

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.exploit-db.com/exploits/33989

http://packetstormsecurity.com/files/127365/Oracle-Event-Processing-FileUploadServlet-Arbitrary-File-Upload.html

Details

Source: Mitre, NVD

Published: 2014-04-16

Updated: 2014-07-24

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 4.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N