Main Vulnerability Database Exploits ID:1395 - Exploit for Improper access control in Oracle E-Business Suite - CVE-2017-3549

ID:1395 - Exploit for Improper access control in Oracle E-Business Suite - CVE-2017-3549

Published: March 18, 2020

Vulnerability identifier: #VU11599

Vulnerability risk: Low

CVE-ID: CVE-2017-3549

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
Oracle E-Business Suite

Link to public exploit:

https://www.exploit-db.com/exploits/41926/

Vulnerability description

The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information or write arbitrary files on the target system.

The weakness exists in the Oracle Scripting component due to improper access control. A remote attacker can gain access to critical data or complete access to all accessible data and create, delete or modify critical data or all accessible data.

Remediation

Install update from vendor's website.

ID:1395 - Exploit for Improper access control in Oracle E-Business Suite - CVE-2017-3549

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human