cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21081,https://securityvulnerability.io/vulnerability/CVE-2024-21081,Unauthenticated Access Vulnerability in Oracle Partner Management of Oracle E-Business Suite,"A security vulnerability exists in the Oracle Partner Management component of the Oracle E-Business Suite. It allows unauthenticated attackers with network access via HTTP to potentially exploit the system. The attack, requiring human interaction from a user other than the attacker, could lead to unauthorized modifications, including updates, inserts, or deletions of accessible data within the Oracle Partner Management product. Although primarily affecting Oracle Partner Management, this vulnerability has implications that may extend to other interconnected products within the suite.",Oracle,Partner Management,4.7,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2022-21373,https://securityvulnerability.io/vulnerability/CVE-2022-21373,Vulnerability in Oracle Partner Management Product of Oracle E-Business Suite,"An unauthenticated attacker with network access via HTTP can exploit a vulnerability in the Oracle Partner Management component of Oracle E-Business Suite. This easily exploitable flaw requires human interaction from a target user and can allow unauthorized updates, inserts, or deletions of data within Oracle Partner Management. Additionally, it can enable unauthorized read access to specific data sets, thereby significantly impacting the security of the system.",Oracle,Partner Management,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-01-19T11:26:05.000Z,0
CVE-2021-2195,https://securityvulnerability.io/vulnerability/CVE-2021-2195,Unauthenticated Access Vulnerability in Oracle E-Business Suite's Partner Management,"The vulnerability exists in the Attribute Admin Setup component of Oracle Partner Management within Oracle E-Business Suite. It allows unauthenticated attackers with network access via HTTP to exploit the vulnerability. Successful exploitation may require interaction from a user who is not the attacker, indicating social engineering components in the attack vector. This vulnerability poses a significant risk as it can lead to unauthorized access to sensitive data and provide attackers with the ability to modify, insert, or delete data within the Oracle Partner Management environment. The impacts can extend beyond Partner Management, potentially affecting other integrated products.",Oracle,Partner Management,8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2021-04-22T21:53:49.000Z,0
CVE-2020-2877,https://securityvulnerability.io/vulnerability/CVE-2020-2877,Unauthenticated Access in Oracle Partner Management of Oracle E-Business Suite,"This vulnerability allows an unauthenticated attacker with network access via HTTP to exploit the Oracle Partner Management component of the Oracle E-Business Suite. While the vulnerability itself exists in Oracle Partner Management, successful exploitation could lead to unauthorized access to vital data across affected products. Attackers would need human interaction from a third party to execute the attack, potentially leading to unauthorized modifications, deletions, and insertions of data. The persistence of this flaw poses serious risks, highlighting the need for organizations to implement stringent security measures.",Oracle,Partner Management,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0
CVE-2019-2498,https://securityvulnerability.io/vulnerability/CVE-2019-2498,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dash board). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Partner Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Partner Management,8.2,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2447,https://securityvulnerability.io/vulnerability/CVE-2019-2447,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Detail). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Partner Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Partner Management,8.2,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2470,https://securityvulnerability.io/vulnerability/CVE-2019-2470,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Detail). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 and 12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Partner Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Partner Management,8.2,HIGH,0.0010900000343099236,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-3196,https://securityvulnerability.io/vulnerability/CVE-2018-3196,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: Partner Dashboard). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Partner Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Partner Management,8.2,HIGH,0.0014700000174343586,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2017-3282,https://securityvulnerability.io/vulnerability/CVE-2017-3282,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS v3.0 Base Score 4.7 (Integrity impacts).",Oracle,Partner Management,4.7,MEDIUM,0.0017000000225380063,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3280,https://securityvulnerability.io/vulnerability/CVE-2017-3280,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS v3.0 Base Score 4.7 (Integrity impacts).",Oracle,Partner Management,4.7,MEDIUM,0.0013800000306218863,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3283,https://securityvulnerability.io/vulnerability/CVE-2017-3283,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS v3.0 Base Score 4.7 (Integrity impacts).",Oracle,Partner Management,4.7,MEDIUM,0.0017000000225380063,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0
CVE-2017-3281,https://securityvulnerability.io/vulnerability/CVE-2017-3281,,"Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS v3.0 Base Score 4.7 (Integrity impacts).",Oracle,Partner Management,4.7,MEDIUM,0.0017000000225380063,false,,false,false,false,,,false,false,,2017-01-27T22:01:00.000Z,0