- Home
- CVEs with nessus.description==The version of Oracle Application Testing Suite installed on the
remote host is affected by multiple vulnerabilities :
- Enterprise Manager Base Platform Agent Next Gen (Jython)
component of Oracle Enterprise Manager Products Suite is easily
exploited and can allow an unauthenticated attacker the ability
to takeover the Enterprise Manager Base Platform. (CVE-2016-4000)
- Enterprise Manager Base Platform Discovery Framework (OpenSSL)
component of Oracle Enterprise Manager Products Suite is easily
exploited and can allow an unauthenticated attacker the ability
to cause a frequent crash (DoS) of the Enterprise Manager Base
Platform. (CVE-2018-0732)
- Enterprise Manager Ops Center Networking (OpenSSL) component of
Oracle Enterprise Manager Products Suite is easily exploited
and can allow an unauthenticated attacker the ability to cause a
frequent crash (DoS) of the Enterprise Manager Ops Center
Platform. (CVE-2018-0732)
- Oracle Application Testing Suite Load Testing for Web Apps
(Spring Framework) component of Oracle Enterprise Manager
Products Suite is easily exploited and can allow an
unauthenticated attacker the ability to takeover the Enterprise
Manager Base Platform. (CVE-2018-1258)
- Enterprise Manager Base Platform EM Console component is easily
exploited by an unauthenticated attacker. Successful attacks
can result in unauthorized update, insert, or delete access.
(CVE-2018-3303)
- Oracle Application Testing Suite Load Testing for Web Apps
component is easily exploited by an unauthenticated attacker.
Successful attacks can result in unauthorized update, insert, or
delete access and a partial denial of service. (CVE-2018-3304)
- Oracle Application Testing Suite Load Testing for Web Apps
component is easily exploited by an unauthenticated attacker.
Successful attacks can result in unauthorized update, insert, or
delete access and a partial denial of service. (CVE-2018-3305)
- Enterprise Manager for Virtualization Plug-In Lifecycle
(jackson-databind) component of Oracle Enterprise Manager
allows an unauthenticated attacker the ability to takeover
Enterprise Manager for Virtualization. (CVE-2018-12023)
- Enterprise Manager for Virtualization Plug-In Lifecycle
(jackson-databind) component of Oracle Enterprise Manager
allows an unauthenticated attacker the ability to takeover
Enterprise Manager for Virtualization. (CVE-2018-14718)
- Enterprise Manager Ops Center Networking (cURL) component of
Oracle Enterprise Manager allows an unauthenticated attacker the
ability to takeover Enterprise Manager Ops Center.
(CVE-2018-1000300)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top