Oracle E-Business Suite CVE-2017-3515 Remote Security Vulnerability

Oracle E-Business Suite is prone to a remote security vulnerability in Oracle User Management.

The vulnerability can be exploited over the 'HTTP' protocol. The 'User Name/Password Management' sub component is affected.

This vulnerability affects the following supported versions:
12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6

Information

Bugtraq ID: 97783
Class: Unknown
CVE: CVE-2017-3515

Remote: Yes
Local: No
Published: Apr 18 2017 12:00AM
Updated: Apr 21 2017 12:04AM
Credit: Oracle
Vulnerable: Oracle E-Business Suite 12.2.6
Oracle E-Business Suite 12.2.3
Oracle E-Business Suite 12.2.5
Oracle E-Business Suite 12.2.4
Oracle E-Business Suite 12.1.3

Not Vulnerable:

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References:

Oracle Homepage (Oracle)
Oracle Critical Patch Update Advisory - April 2017 (Oracle)

Source: www.securityfocus.com

Exploit Collector

Search Exploit