CVE-2014-6548 - Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 all

CVE-2014-6548

Summary

Unspecified vulnerability in the Oracle SOA Suite component in Oracle Fusion Middleware 11.1.1.7 allows local users to affect confidentiality, integrity, and availability via vectors related to B2B Engine. Per: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Please refer to My Oracle Support Note 1962206.1 for instructions on how to address this issue.

References

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Vulnerable Configurations

cpe:2.3:a:oracle:fusion_middleware:11.1.1.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:fusion_middleware:11.1.1.7:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 24-06-2016 - 15:55)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

Last major update

24-06-2016 - 15:55

Published

21-01-2015 - 15:28

Last modified

24-06-2016 - 15:55