CVE-2014-2399

Published: Apr 16, 2014Modified: May 6, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in the Oracle Endeca Server component in Oracle Fusion Middleware 2.2.2 allows remote attackers to affect integrity via unknown vectors related to Oracle Endeca Information Discovery (Formerly Latitude), a different vulnerability than CVE-2014-2400.

Affected (1)

Products: Oracle: Fusion Middleware

1 product

Fusion Middleware

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Oracle Fusion Middleware	Version 2.2.2

References (12)

http://packetstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.html

Source: secalert_us@oracle.com

http://seclists.org/fulldisclosure/2014/Jun/123

Source: secalert_us@oracle.com

http://www.exploit-db.com/exploits/33897

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/archive/1/532556/100/0/threaded

Source: secalert_us@oracle.com

http://www.securityfocus.com/bid/66864

Source: secalert_us@oracle.com

http://packetstormsecurity.com/files/127222/Endeca-Latitude-2.2.2-Cross-Site-Request-Forgery.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2014/Jun/123

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.exploit-db.com/exploits/33897

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/532556/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/66864

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.