cnvd-2020-43741
Vulnerability from cnvd

Title: Oracle Fusion Middleware WebCenter Sites存在未明漏洞(CNVD-2020-43741 )

Description:

Oracle Fusion Middleware(Oracle融合中间件)是美国甲骨文(Oracle)公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。WebCenter Sites是其中的一个Web体验管理组件,它可让营销人员和业务用户在全球范围内跨多个渠道创建和管理互动式社交在线体验,以提升销量和客户忠诚度。

Oracle Fusion Middleware WebCenter Sites存在安全漏洞。攻击者可利用该漏洞未授权读取、更新、插入或删除数据,影响数据的保密性和完整性。

Severity:

Patch Name: Oracle Fusion Middleware WebCenter Sites存在未明漏洞(CNVD-2020-43741 )的补丁

Patch Description:

Oracle Fusion Middleware(Oracle融合中间件)是美国甲骨文(Oracle)公司的一套面向企业和云环境的业务创新平台。该平台提供了中间件、软件集合等功能。WebCenter Sites是其中的一个Web体验管理组件,它可让营销人员和业务用户在全球范围内跨多个渠道创建和管理互动式社交在线体验,以提升销量和客户忠诚度。

Oracle Fusion Middleware WebCenter Sites存在安全漏洞。攻击者可利用该漏洞未授权读取、更新、插入或删除数据,影响数据的保密性和完整性。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序,请及时关注更新: https://www.oracle.com/security-alerts/cpujul2020.html

Reference: https://nvd.nist.gov/vuln/detail/CVE-2020-14652

Impacted products
Name
['Oracle Oracle Fusion Middleware WebLogic Server 10.3.6.0.0', 'Oracle Oracle Fusion Middleware WebLogic Server 12.1.3.0.0', 'Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.3.0', 'Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.4.0', 'Oracle Oracle Fusion Middleware WebLogic Server 14.1.1.0.0']
Show details on source website

To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2020-14652",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2020-14652"
    }
  },
  "description": "Oracle Fusion Middleware\uff08Oracle\u878d\u5408\u4e2d\u95f4\u4ef6\uff09\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u9762\u5411\u4f01\u4e1a\u548c\u4e91\u73af\u5883\u7684\u4e1a\u52a1\u521b\u65b0\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4e86\u4e2d\u95f4\u4ef6\u3001\u8f6f\u4ef6\u96c6\u5408\u7b49\u529f\u80fd\u3002WebCenter Sites\u662f\u5176\u4e2d\u7684\u4e00\u4e2aWeb\u4f53\u9a8c\u7ba1\u7406\u7ec4\u4ef6\uff0c\u5b83\u53ef\u8ba9\u8425\u9500\u4eba\u5458\u548c\u4e1a\u52a1\u7528\u6237\u5728\u5168\u7403\u8303\u56f4\u5185\u8de8\u591a\u4e2a\u6e20\u9053\u521b\u5efa\u548c\u7ba1\u7406\u4e92\u52a8\u5f0f\u793e\u4ea4\u5728\u7ebf\u4f53\u9a8c\uff0c\u4ee5\u63d0\u5347\u9500\u91cf\u548c\u5ba2\u6237\u5fe0\u8bda\u5ea6\u3002\n\nOracle Fusion Middleware WebCenter Sites\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u672a\u6388\u6743\u8bfb\u53d6\u3001\u66f4\u65b0\u3001\u63d2\u5165\u6216\u5220\u9664\u6570\u636e\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u548c\u5b8c\u6574\u6027\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.oracle.com/security-alerts/cpujul2020.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-43741",
  "openTime": "2020-07-27",
  "patchDescription": "Oracle Fusion Middleware\uff08Oracle\u878d\u5408\u4e2d\u95f4\u4ef6\uff09\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u9762\u5411\u4f01\u4e1a\u548c\u4e91\u73af\u5883\u7684\u4e1a\u52a1\u521b\u65b0\u5e73\u53f0\u3002\u8be5\u5e73\u53f0\u63d0\u4f9b\u4e86\u4e2d\u95f4\u4ef6\u3001\u8f6f\u4ef6\u96c6\u5408\u7b49\u529f\u80fd\u3002WebCenter Sites\u662f\u5176\u4e2d\u7684\u4e00\u4e2aWeb\u4f53\u9a8c\u7ba1\u7406\u7ec4\u4ef6\uff0c\u5b83\u53ef\u8ba9\u8425\u9500\u4eba\u5458\u548c\u4e1a\u52a1\u7528\u6237\u5728\u5168\u7403\u8303\u56f4\u5185\u8de8\u591a\u4e2a\u6e20\u9053\u521b\u5efa\u548c\u7ba1\u7406\u4e92\u52a8\u5f0f\u793e\u4ea4\u5728\u7ebf\u4f53\u9a8c\uff0c\u4ee5\u63d0\u5347\u9500\u91cf\u548c\u5ba2\u6237\u5fe0\u8bda\u5ea6\u3002\r\n\r\nOracle Fusion Middleware WebCenter Sites\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u672a\u6388\u6743\u8bfb\u53d6\u3001\u66f4\u65b0\u3001\u63d2\u5165\u6216\u5220\u9664\u6570\u636e\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u548c\u5b8c\u6574\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle Fusion Middleware WebCenter Sites\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-43741 \uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Oracle Oracle Fusion Middleware WebLogic Server 10.3.6.0.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 12.1.3.0.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.3.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 12.2.1.4.0",
      "Oracle Oracle Fusion Middleware WebLogic Server 14.1.1.0.0"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2020-14652",
  "serverity": "\u4e2d",
  "submitTime": "2020-07-16",
  "title": "Oracle Fusion Middleware WebCenter Sites\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2020-43741 \uff09"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.