cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21067,https://securityvulnerability.io/vulnerability/CVE-2024-21067,Vulnerability in Oracle Enterprise Manager Base Platform Host Management,"A vulnerability has been identified in the Oracle Enterprise Manager Base Platform within the Host Management component. This flaw affects version 13.5.0.0 and allows low privileged attackers, who have access to the underlying infrastructure, to compromise the functionalities of the Oracle Enterprise Manager Base Platform. While the vulnerability is contained within this specific product, it poses a risk of significantly affecting additional products within the environment. Successful exploitation can lead to the takeover of the Oracle Enterprise Manager Base Platform, potentially impacting confidentiality, integrity, and availability of the affected systems.",Oracle,Enterprise Manager Base Platform,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-20917,https://securityvulnerability.io/vulnerability/CVE-2024-20917,Vulnerability in Oracle Enterprise Manager Base Platform Log Management Component,"A vulnerability exists in the Log Management component of Oracle's Enterprise Manager Base Platform that could be exploited by an unauthenticated attacker with network access via HTTP. This vulnerability requires interaction from a user other than the attacker to be successfully exploited. While the primary impact is on the Oracle Enterprise Manager Base Platform, there may be significant implications for other connected products. Successful exploitation can lead to unauthorized access to sensitive data, including the ability to read, modify, or delete critical information. Additionally, it gives the attacker the potential to initiate a partial denial of service, disrupting the functionality of the Oracle Enterprise Manager Base Platform.",Oracle,Enterprise Manager Base Platform,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-17T01:50:09.948Z,0
CVE-2024-20916,https://securityvulnerability.io/vulnerability/CVE-2024-20916,Vulnerability in Oracle Enterprise Manager Base Platform Component: Event Management,"A vulnerability exists within the Oracle Enterprise Manager Base Platform, specifically related to the Event Management component. This vulnerability affects version 13.5.0.0, enabling a high privileged attacker with access to the physical communication segment of the hardware to exploit the Oracle Enterprise Manager Base Platform. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, as well as gaining unauthorized access to all data accessible by the Oracle Enterprise Manager Base Platform. Additionally, the attacker may cause a partial denial of service, impacting the system's functionality. Given the potential wide-reaching implications of this vulnerability, surrounding products may also face heightened risks.",Oracle,Enterprise Manager Base Platform,8.3,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:41:14.656Z,0
CVE-2022-21623,https://securityvulnerability.io/vulnerability/CVE-2022-21623,Unauthenticated Access Vulnerability in Oracle Enterprise Manager,"An unauthenticated access vulnerability exists within the Application Config Console of Oracle's Enterprise Manager Base Platform. This flaw allows attackers with network access via HTTP to exploit it easily, leading to unauthorized creation, deletion, or modification of critical data. These actions can affect all data accessible through the Enterprise Manager Base Platform, posing a significant risk to organizations utilizing these versions.",Oracle,Enterprise Manager Base Platform,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21536,https://securityvulnerability.io/vulnerability/CVE-2022-21536,Unauthorized Access Vulnerability in Oracle Enterprise Manager Base Platform,"This vulnerability in Oracle's Enterprise Manager Base Platform allows an unauthenticated attacker with network access to exploit the system via HTTP. If successful, the attacker can compromise the integrity and availability of the Enterprise Manager, potentially leading to unauthorized control over the affected environment. Supported versions, specifically 13.4.0.0 and 13.5.0.0, are exposed, emphasizing the importance of monitoring and securing these products to prevent malicious activities.",Oracle,Enterprise Manager Base Platform,8.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:07:23.000Z,0
CVE-2022-21516,https://securityvulnerability.io/vulnerability/CVE-2022-21516,Unauthenticated Access Vulnerability in Oracle Enterprise Manager Base Platform,"An unauthenticated access vulnerability exists in the Oracle Enterprise Manager Base Platform. This flaw allows an attacker with network access via HTTP to compromise the platform, leading to unauthorized modifications and reading of data. Attackers may exploit this vulnerability to execute unauthorized updates, inserts, or deletions on accessible data, and can also partially disrupt the service's availability. It affects specific versions of the Enterprise Manager and poses significant security risks.",Oracle,Enterprise Manager Base Platform,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:06:52.000Z,0
CVE-2022-21469,https://securityvulnerability.io/vulnerability/CVE-2022-21469,Unauthenticated Access Vulnerability in Oracle Enterprise Manager UI Framework,"An unauthenticated access vulnerability exists within the UI Framework of Oracle's Enterprise Manager Base Platform. This flaw allows an attacker with network access to exploit the system through HTTP. While the vulnerability is specifically in the Enterprise Manager Base Platform, its exploitation may have broader implications for other connected products. Successful exploitation requires user interaction from someone other than the attacker, leading to unauthorized ability to update, insert, or delete sensitive data in the platform. Organizations using versions 13.4.0.0 and 13.5.0.0 should be aware of these risks and take appropriate measures to mitigate potential impacts.",Oracle,Enterprise Manager Base Platform,4.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-04-19T20:38:09.000Z,0
CVE-2022-21392,https://securityvulnerability.io/vulnerability/CVE-2022-21392,Unauthorized Access Vulnerability in Oracle Enterprise Manager,"The vulnerability in Oracle's Enterprise Manager Base Platform allows attackers with low privileges and network access to exploit the system through HTTP. This exploitation can lead to unauthorized access to critical data and potential control over all accessible data, enabling attackers to update, insert, or delete information within the Enterprise Manager system. Organizations using affected versions 13.4.0.0 and 13.5.0.0 must take immediate action to secure their environments.",Oracle,Enterprise Manager Base Platform,8.8,HIGH,0.00044999999227002263,false,,false,false,true,2023-12-08T20:13:23.000Z,true,false,false,,2022-01-19T11:26:39.000Z,0
CVE-2021-2137,https://securityvulnerability.io/vulnerability/CVE-2021-2137,Oracle Enterprise Manager Base Platform Policy Framework Vulnerability,"This vulnerability allows an attacker with low privileges and network access via HTTP to exploit the Policy Framework component of Oracle's Enterprise Manager Base Platform. Successful attacks enable the attacker to take control over the platform, resulting in potential unauthorized access and manipulation of sensitive information. The affected versions, 13.4.0.0 and 13.5.0.0, highlight the necessity for prompt updates to mitigate risks associated with this vulnerability.",Oracle,Enterprise Manager Base Platform,8.8,HIGH,0.00395999988541007,false,,false,false,false,,,false,false,,2021-10-20T10:49:32.000Z,0
CVE-2021-2053,https://securityvulnerability.io/vulnerability/CVE-2021-2053,Unauthenticated Access Vulnerability in Oracle Enterprise Manager UI Framework,"A vulnerability exists in the UI Framework of Oracle's Enterprise Manager Base Platform that allows an unauthenticated attacker to exploit the system via HTTP. While this vulnerability primarily affects version 13.4.0.0, it poses risks that could extend beyond Enterprise Manager itself. Successful exploitation requires user interaction, leading to unauthorized manipulation of the platform's data—enabling attackers to potentially access, modify, or delete sensitive information. This breach can have significant consequences for organizations reliant on this management tool.",Oracle,Enterprise Manager Base Platform,6.1,MEDIUM,0.0015399999683722854,false,,false,false,false,,,false,false,,2021-04-22T21:53:43.000Z,0
CVE-2020-2982,https://securityvulnerability.io/vulnerability/CVE-2020-2982,Vulnerability in Oracle Enterprise Manager Base Platform Affects Data Security,"The vulnerability found in the Oracle Enterprise Manager Base Platform allows low-privileged attackers with network access via HTTP to exploit the system. This can lead to unauthorized access to sensitive data, enabling attackers to read, modify, insert, or delete information in the Enterprise Manager Base Platform. Organizations using affected versions 13.3.0.0 and 13.4.0.0 should take immediate action to assess their security posture and mitigate potential risks.",Oracle,Enterprise Manager Base Platform,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-07-15T17:34:36.000Z,0
CVE-2020-2961,https://securityvulnerability.io/vulnerability/CVE-2020-2961,Unauthorized Access Vulnerability in Oracle Enterprise Manager's Discovery Framework,"A vulnerability exists in the Discovery Framework of Oracle Enterprise Manager Base Platform, allowing an unauthenticated attacker to gain network access via HTTP. This could lead to a full compromise of the Enterprise Manager, affecting its confidentiality, integrity, and availability. Affected versions include 13.2.0.0 and 13.3.0.0. It is crucial to implement security measures to protect against this easily exploitable vulnerability.",Oracle,Enterprise Manager Base Platform,9.8,CRITICAL,0.007530000060796738,false,,false,false,false,,,false,false,,2020-04-15T13:29:54.000Z,0
CVE-2020-2646,https://securityvulnerability.io/vulnerability/CVE-2020-2646,Command Line Interface Vulnerability in Oracle's Enterprise Manager Base Platform,"A low-privileged attacker with network access can exploit a vulnerability in the Command Line Interface of Oracle's Enterprise Manager Base Platform. This exploitation requires human interaction from a third party, highlighting the importance of user awareness. Although the flaw resides in the Enterprise Manager Base Platform, successful attacks can compromise data across other connected products. Affected versions 12.1.0.5, 13.2.0.0, and 13.3.0.0 could allow unauthorized users to update, insert, or delete crucial data as well as access sensitive information without permission.",Oracle,Enterprise Manager Base Platform,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0
CVE-2020-2644,https://securityvulnerability.io/vulnerability/CVE-2020-2644,Exploitable Vulnerability in Oracle Enterprise Manager Base Platform,"A vulnerability has been identified in the Oracle Enterprise Manager Base Platform, specifically in the Oracle Management Service component. This vulnerability can be exploited by a high-privileged attacker with network access via HTTP, potentially leading to unauthorized access to sensitive data and the ability to perform destructive actions such as updates, inserts, or deletions. Furthermore, the attacker could partially disrupt the availability of the Enterprise Manager Base Platform. This security flaw affects several supported versions, making it crucial for users to implement the latest security patches and restrictions to protect their data from malicious activities.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0
CVE-2020-2645,https://securityvulnerability.io/vulnerability/CVE-2020-2645,Vulnerability in Oracle Enterprise Manager Connector Framework,"An improper access control vulnerability exists in the Connector Framework of Oracle's Enterprise Manager Base Platform. This easily exploitable flaw allows attackers with high privileges and network access via HTTP to gain unauthorized access to critical data. Successful exploitation can lead to unauthorized manipulations such as updates, inserts, or deletions of data within the Enterprise Manager, as well as the potential to cause partial denial of service. As a result, sensitive information could be compromised, impacting the confidentiality and integrity of the data managed by Oracle Enterprise Manager.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0
CVE-2020-2639,https://securityvulnerability.io/vulnerability/CVE-2020-2639,Unauthorized Access Vulnerability in Oracle Enterprise Manager,"A significant vulnerability exists in the Enterprise Manager Base Platform of Oracle, specifically within the Host Management component. This flaw allows a high-privileged attacker with network access via HTTP to gain unauthorized entry, effectively compromising sensitive data. Attackers can exploit this weakness to manipulate critical data, with capabilities for unauthorized updates, inserts, or deletions. Additionally, this vulnerability poses the risk of partial denial of service, severely affecting the functionality of the Enterprise Manager Base Platform. Such vulnerabilities underline the necessity for prompt patching and robust security measures.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2634,https://securityvulnerability.io/vulnerability/CVE-2020-2634,Oracle Enterprise Manager Configuration Standard Framework Vulnerability,"A significant vulnerability has been identified within Oracle's Enterprise Manager Base Platform, specifically in the Configuration Standard Framework component. This flaw potentially enables an attacker with elevated privileges and network access via HTTP to exploit the system, leading to unauthorized access to sensitive data. The repercussions of this vulnerability include the unauthorized ability to update, insert, or delete critical information within the Enterprise Manager Base Platform, alongside a risk of causing partial denial of service. Maintaining system security is paramount to prevent exploitation of this vulnerability.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2643,https://securityvulnerability.io/vulnerability/CVE-2020-2643,Unauthorized Access Vulnerability in Oracle Enterprise Manager's Job System,"An exploitable vulnerability exists in the Job System component of Oracle's Enterprise Manager Base Platform. This weakness allows a high-privileged attacker with network access to compromise the system via HTTP. Successful exploitation may lead to unauthorized access to sensitive information, full control over accessible data, and the ability to perform unauthorized updates, inserts, or deletions. Additionally, this vulnerability could enable the attacker to partially disrupt the availability of the Enterprise Manager Base Platform.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2633,https://securityvulnerability.io/vulnerability/CVE-2020-2633,HTTP Exploitable Vulnerability in Oracle Enterprise Manager Base Platform,"A vulnerability exists within Oracle's Enterprise Manager Base Platform that could be exploited by a high privileged attacker with network access via HTTP. Successful exploitation of this vulnerability allows the attacker to gain unauthorized access to sensitive data, manipulate critical data by performing unauthorized updates or deletions, and can even lead to a partial denial of service. The affected versions include 12.1.0.5, 13.2.0.0, and 13.3.0.0, emphasizing the necessity for users to implement security measures to mitigate potential risks.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2628,https://securityvulnerability.io/vulnerability/CVE-2020-2628,Vulnerability in Oracle Enterprise Manager Base Platform Host Management,"An access control vulnerability exists in the Oracle Enterprise Manager Base Platform's Host Management component, affecting multiple versions. This flaw allows an attacker with high privileges and network access via HTTP to exploit the system. Successful exploitation could lead to unauthorized access to sensitive data, allowing attackers to perform operations such as updates, inserts, or deletes on the database. Additionally, the vulnerability poses a risk for partial denial of service, impacting the availability of the Enterprise Manager Base Platform.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2635,https://securityvulnerability.io/vulnerability/CVE-2020-2635,SQL Injection Vulnerability in Oracle Enterprise Manager Base Platform,"A significant vulnerability exists in the Enterprise Manager Base Platform of Oracle Enterprise Manager that allows privileged attackers with network access to execute unauthorized actions through HTTP. Exploiting this vulnerability can lead to unauthorized access to critical data, as well as the capability to manipulate, remove, or add data within the system. Additionally, attackers can initiate partial denial-of-service attacks against the affected platform, impacting availability. Affected versions include 12.1.0.5, 13.2.0.0, and 13.3.0.0.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2625,https://securityvulnerability.io/vulnerability/CVE-2020-2625,Vulnerability in Job System of Oracle Enterprise Manager Base Platform,"A vulnerability exists in the Job System component of Oracle Enterprise Manager Base Platform, affecting versions 12.1.0.5, 13.2.0.0, and 13.3.0.0. This exploit allows high-privileged attackers with network access via HTTP to gain unauthorized access to sensitive data, disrupt operations, or manipulate data through insertions or deletions. Attackers can also partially disrupt the availability of the Enterprise Manager Base Platform, exposing critical information and database integrity to serious risk. Organizations must ensure their systems are updated to mitigate potential unauthorized access.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2636,https://securityvulnerability.io/vulnerability/CVE-2020-2636,Vulnerability in Oracle Enterprise Manager Base Platform Application Service Level Management,"An access control vulnerability exists in Oracle Enterprise Manager Base Platform within the Application Service Level Management component. This vulnerability allows high-privilege attackers with network access via HTTP to compromise the platform. Exploitation could lead to unauthorized access to sensitive data, granting the attacker extensive privileges to manipulate data, including updates, inserts, or deletions. In addition, the vulnerability poses a risk of partial denial of service, impacting the overall availability of affected services.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2624,https://securityvulnerability.io/vulnerability/CVE-2020-2624,Security Vulnerability in Oracle Enterprise Manager Connector Framework,"A vulnerability exists within the Connector Framework of Oracle's Enterprise Manager Base Platform, allowing a high-privileged attacker with network access via HTTP to compromise the platform. Successful exploitation may result in unauthorized access to sensitive data and manipulation capabilities, including unauthorized updates, inserts, or deletions of accessible data. Additionally, it can lead to a partial denial of service, potentially impacting the availability of the Enterprise Manager services.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0
CVE-2020-2632,https://securityvulnerability.io/vulnerability/CVE-2020-2632,Vulnerability in Oracle Enterprise Manager's System Monitoring Component,"A vulnerability has been identified in the Enterprise Manager Base Platform of Oracle Enterprise Manager, specifically within the System Monitoring component. This flaw can be exploited by a high-privileged attacker with network access via HTTP, allowing them to compromise the Base Platform. Successful exploitation may lead to unauthorized access to sensitive data, including the ability to update, insert, or delete records. Furthermore, attackers may initiate a partial denial of service, impacting the functionality of the Enterprise Manager Base Platform. Organizations using affected versions should prioritize applying patches and monitor their environments for any suspicious activity.",Oracle,Enterprise Manager Base Platform,6,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2020-01-15T16:34:04.000Z,0