← Back

CVE-2017-3277

nvd nist
Published: Jan 27, 2017Modified: May 13, 2026

JSON object

Loading...
4.9
Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.2 / Impact: 3.6
Source: NVD

Description

Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: OAM Client). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data. CVSS v3.0 Base Score 4.9 (Confidentiality impacts).

Affected (5)

Oracle
1 product
Applications Manager
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Oracle
Applications Manager
Version 12.1.3
Applications Manager
Version 12.2.3
Applications Manager
Version 12.2.4
Applications Manager
Version 12.2.5
Applications Manager
Version 12.2.6

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

Source: secalert_us@oracle.com
PatchVendor Advisory
Source: secalert_us@oracle.com
Source: secalert_us@oracle.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.