Main Vulnerability Database Vulnerabilities #VU40820

Input validation error in Oracle Commerce Platform - CVE-2015-0510

Published: April 16, 2015 / Updated: August 9, 2020

Vulnerability identifier: #VU40820

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2015-0510

CWE-ID: CWE-20

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Oracle

Affected software:
Oracle Commerce Platform

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

Unspecified vulnerability in the Oracle Commerce Platform component in Oracle Commerce Platform 9.4, 10.0, and 10.2 allows remote attackers to affect integrity via vectors related to Dynamo Application Framework - HTML Admin User Interface.

How to mitigate CVE-2015-0510

Install update from vendor's website.

Sources

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

Input validation error in Oracle Commerce Platform - CVE-2015-0510

Detailed vulnerability description

How to mitigate CVE-2015-0510

Sources

Please verify you're human