cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score CVE-2024-20944,https://securityvulnerability.io/vulnerability/CVE-2024-20944,Vulnerability in Oracle iSupport of Oracle E-Business Suite,"The vulnerability in Oracle iSupport within the Oracle E-Business Suite allows attackers with low privileges to exploit the system through network access via HTTP. This vulnerability, while residing in Oracle iSupport, has the potential to affect other components significantly. Successful exploitation may lead to unauthorized modifications, deletions, or access to data managed by Oracle iSupport. Importantly, successful attacks necessitate user interaction from a party other than the attacker, highlighting a critical point of risk. Organizations utilizing the affected versions of Oracle E-Business Suite must implement recommended security measures to mitigate potential impacts.",Oracle,iSupport,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:41:19.302Z,0 CVE-2021-2097,https://securityvulnerability.io/vulnerability/CVE-2021-2097,Unauthorized Access Vulnerability in Oracle E-Business Suite's iSupport,"The vulnerability in Oracle iSupport, part of the Oracle E-Business Suite, allows attackers to gain unauthorized access to sensitive information. Attackers can exploit the flaw remotely via HTTP, potentially with only user interaction required, which raises significant security concerns for organizations utilizing affected versions. Successful exploitation could enable attackers to access confidential data, along with the ability to update, insert, or delete critical information within the system. Given the reach of this vulnerability, it poses a substantial risk not only to the iSupport functionality but also to the integrity of broader systems relying on this product.",Oracle,Isupport,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:10.000Z,0 CVE-2021-2083,https://securityvulnerability.io/vulnerability/CVE-2021-2083,Unauthorized Data Access Vulnerability in Oracle E-Business Suite iSupport,"A vulnerability in Oracle iSupport allows unauthenticated attackers with network access to compromise sensitive data. This exploit requires interaction from a user besides the attacker, leading to unauthorized access to critical data contained within Oracle iSupport systems. Successful exploitation may enable attackers to perform unauthorized updates, insertions, or deletions of accessible data, thereby significantly jeopardizing data integrity and confidentiality.",Oracle,Isupport,8.2,HIGH,0.0020699999295175076,false,,false,false,false,,,false,false,,2021-01-20T14:50:09.000Z,0 CVE-2020-14686,https://securityvulnerability.io/vulnerability/CVE-2020-14686,Security Flaw in Oracle E-Business Suite's iSupport Component,"A vulnerability exists within the iSupport component of Oracle E-Business Suite that permits unauthenticated attackers with network access via HTTP to exploit the tool. Successful exploitation demands human interaction from a third party, yet the ramifications of such an attack can lead to unauthorized access to critical information, offering attackers complete control over the data available through Oracle iSupport. This vulnerability poses significant risks, enabling attackers to perform unauthorized updates, inserts, or deletions on sensitive data accessible through the application.",Oracle,Isupport,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-07-15T17:34:34.000Z,0 CVE-2020-2872,https://securityvulnerability.io/vulnerability/CVE-2020-2872,Unauthenticated Access Vulnerability in Oracle iSupport of Oracle E-Business Suite,"This vulnerability in Oracle iSupport within the Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to compromise the system. Exploitation demands human interaction from a user other than the attacker, which can lead to unauthorized access to sensitive data and the potential for unauthorized modifications. The vulnerability can have wider implications, impacting other interconnected products. Attackers could gain complete access to all data accessible through Oracle iSupport, allowing unauthorized updates, insertions, or deletions of data, thereby threatening the integrity and confidentiality of critical information.",Oracle,Isupport,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0 CVE-2020-2878,https://securityvulnerability.io/vulnerability/CVE-2020-2878,Unauthenticated Access Vulnerability in Oracle E-Business Suite iSupport Component,"A vulnerability exists in the iSupport component of Oracle E-Business Suite, allowing unauthenticated attackers with HTTP access to exploit the system. Successful exploitation could grant unauthorized access to sensitive data and the ability to modify, delete, or insert data within iSupport. While the attack necessitates human interaction, it poses significant risks to the integrity and confidentiality of affected data. This vulnerability highlights the importance of protecting Oracle iSupport instances to mitigate potential security breaches.",Oracle,Isupport,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0 CVE-2020-2855,https://securityvulnerability.io/vulnerability/CVE-2020-2855,Remote Code Execution Vulnerability in Oracle iSupport of Oracle E-Business Suite,"The vulnerability in Oracle iSupport, part of the Oracle E-Business Suite, allows an unauthenticated attacker with network access via HTTP to exploit the system. Successful exploitation could enable attackers to gain unauthorized access to sensitive data. It requires human interaction from an external individual, increasing the complexity of the attack. While the vulnerability is primarily in Oracle iSupport, the implications can extend to other products within the suite, leading to significant risks including unauthorized updates and deletions of data. Organizations using affected versions should prioritize patching to protect against potential threats.",Oracle,Isupport,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:49.000Z,0 CVE-2020-2843,https://securityvulnerability.io/vulnerability/CVE-2020-2843,Unauthenticated Access Vulnerability in Oracle iSupport of Oracle E-Business Suite,"A vulnerability exists in the Oracle iSupport component of Oracle E-Business Suite, which allows unauthenticated attackers with network access via HTTP to compromise this product. While the flaw is primarily located in Oracle iSupport, successful exploitation can lead to significant consequences, potentially affecting other integrated systems. Attackers may gain unauthorized access to sensitive information or manipulate data through unauthorized updates, inserts, or deletions. The nature of the exploitation requires human interaction from a third party, making it crucial for organizations to implement appropriate security measures to mitigate these risks. To learn more about this vulnerability, visit Oracle's security alerts.",Oracle,Isupport,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:48.000Z,0 CVE-2020-2815,https://securityvulnerability.io/vulnerability/CVE-2020-2815,Vulnerability in Oracle E-Business Suite's iSupport Component,"A vulnerability exists within the Oracle iSupport component of Oracle E-Business Suite, permitting unauthenticated attackers with network access via HTTP to compromise the application. The flaw enables unauthorized users to gain access to sensitive information and data manipulation capabilities after requiring some form of human interaction. This breach not only affects Oracle iSupport but can also have far-reaching consequences on associated products, allowing for potential unauthorized data access, including the ability to update, insert, or delete records. Organizations utilizing affected versions must assess their security posture and implement necessary safeguards to mitigate risks.",Oracle,Isupport,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:47.000Z,0 CVE-2020-2789,https://securityvulnerability.io/vulnerability/CVE-2020-2789,Vulnerability in Oracle E-Business Suite's User Interface Affecting Oracle iSupport,"An improper authentication vulnerability exists in Oracle iSupport, part of the Oracle E-Business Suite. This issue allows an unauthenticated attacker with network access via HTTP to compromise the Oracle iSupport component. While exploiting this vulnerability requires human interaction from a user other than the attacker, successful exploitation can lead to unauthorized access, enabling attackers to perform update, insert, or delete operations on sensitive data within Oracle iSupport. This poses significant risks not only to Oracle iSupport but may also affect other interconnected products within the Oracle ecosystem.",Oracle,Isupport,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-04-15T13:29:46.000Z,0 CVE-2020-2665,https://securityvulnerability.io/vulnerability/CVE-2020-2665,Unauthenticated Access Vulnerability in Oracle iSupport Product by Oracle,"The vulnerability in Oracle iSupport within the Oracle E-Business Suite allows an unauthenticated attacker with network access over HTTPS to compromise the affected system. Successful exploitation could lead to unauthorized access to sensitive data and potentially allow an attacker to manipulate that data through unauthorized updates, inserts, or deletions. This vulnerability hinges on human interaction, enabling attackers to execute their plans effectively. Additionally, while the vulnerability is confined to Oracle iSupport, the ramifications can extend to other integrated products, posing a significant security risk.",Oracle,Isupport,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0 CVE-2020-2668,https://securityvulnerability.io/vulnerability/CVE-2020-2668,Security Flaw in Oracle E-Business Suite's iSupport Component,"A vulnerability exists in the iSupport component of Oracle E-Business Suite that allows unauthenticated attackers with network access via HTTPS to compromise the system. Successful exploitation of this flaw may enable unauthorized updates, inserts, or deletions of accessible data. Notably, while the vulnerability is specific to iSupport, its repercussions can extend to other integrated Oracle products, especially since attacks necessitate user interaction from individuals not involved in the attack.",Oracle,Isupport,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0 CVE-2020-2667,https://securityvulnerability.io/vulnerability/CVE-2020-2667,Unauthorized Access Vulnerability in Oracle iSupport of Oracle E-Business Suite,"A vulnerability exists in Oracle iSupport, part of Oracle E-Business Suite, which can be exploited by unauthenticated attackers with network access via HTTPS. Successful exploitation requires human interaction from a party other than the attacker. While primarily affecting Oracle iSupport, the impact can extend to other products within the suite. This vulnerability may enable unauthorized updates, inserts, or deletions of accessible data, posing a risk to the integrity of the system.",Oracle,Isupport,4.7,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0 CVE-2020-2661,https://securityvulnerability.io/vulnerability/CVE-2020-2661,Unauthenticated Access Vulnerability in Oracle iSupport by Oracle,"The vulnerability in Oracle iSupport allows an unauthenticated attacker with network access via HTTPS to compromise the system. While it primarily affects Oracle iSupport, successful exploitation can lead to unauthorized access to sensitive data and may allow for unauthorized modification, including updates and deletions. Notably, these attacks require human interaction from a user other than the attacker, making the vulnerability exploitable under specific conditions. This could significantly impact data integrity across additional Oracle products linked to iSupport, exposing organizations to the risk of critical data loss.",Oracle,Isupport,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0 CVE-2020-2658,https://securityvulnerability.io/vulnerability/CVE-2020-2658,Unauthenticated Network Access Vulnerability in Oracle iSupport Product by Oracle,"The vulnerability present in Oracle iSupport, part of the Oracle E-Business Suite, exposes systems to potential exploitation via unauthenticated network access. Attackers can target this weakness through HTTPS, requiring user interaction from a third party to execute a successful attack. This vulnerability can lead to unauthorized access to critical data, allowing attackers to manipulate, delete, or insert information, significantly compromising the integrity of the data managed through Oracle iSupport.",Oracle,Isupport,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0 CVE-2020-2662,https://securityvulnerability.io/vulnerability/CVE-2020-2662,Vulnerability in Oracle E-Business Suite affecting Oracle iSupport,"The vulnerability in Oracle iSupport allows an unauthenticated attacker with network access via HTTPS to compromise the system. While the attacker requires interaction from another user, the successful exploit can lead to unauthorized access to critical data within Oracle iSupport. This not only jeopardizes the integrity of the data but also poses risks to other linked products within the Oracle E-Business Suite. Attackers might gain unauthorized permissions to update, insert, or delete data, which can have severe implications for data confidentiality and integrity.",Oracle,Isupport,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2020-01-15T16:34:05.000Z,0 CVE-2019-2829,https://securityvulnerability.io/vulnerability/CVE-2019-2829,Oracle E-Business Suite iSupport Component Vulnerability,"A vulnerability exists in the iSupport component of Oracle E-Business Suite, impacting multiple versions. This issue allows an unauthenticated attacker with network access to exploit the system via HTTP, necessitating human interaction to succeed. Although primarily located within Oracle iSupport, successful exploitation can lead to unauthorized access to sensitive information and the ability to manipulate Oracle iSupport data, including updates and deletions. Organizations using affected versions should take immediate action to assess and mitigate potential risks.",Oracle,Isupport,8.2,HIGH,0.002369999885559082,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0 CVE-2017-10415,https://securityvulnerability.io/vulnerability/CVE-2017-10415,,"Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Others). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Isupport,8.2,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0 CVE-2017-10175,https://securityvulnerability.io/vulnerability/CVE-2017-10175,,"Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Profiles). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle iSupport accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",Oracle,Isupport,4.3,MEDIUM,0.0007200000109151006,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0 CVE-2017-10174,https://securityvulnerability.io/vulnerability/CVE-2017-10174,,"Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: Service Request). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Isupport,8.2,HIGH,0.0014700000174343586,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0 CVE-2017-3369,https://securityvulnerability.io/vulnerability/CVE-2017-3369,,"Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Isupport,8.2,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0 CVE-2017-3370,https://securityvulnerability.io/vulnerability/CVE-2017-3370,,"Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Isupport,8.2,HIGH,0.001120000029914081,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0 CVE-2017-3371,https://securityvulnerability.io/vulnerability/CVE-2017-3371,,"Vulnerability in the Oracle iSupport component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS v3.0 Base Score 8.2 (Confidentiality and Integrity impacts).",Oracle,Isupport,8.2,HIGH,0.0024999999441206455,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0