Oracle Fusion Middleware CVE-2017-3540 Remote Security Vulnerability

Oracle WebCenter Sites is prone to a remote security vulnerability in Oracle WebCenter Sites.

The vulnerability can be exploited over the 'HTTP' protocol. The 'Server' sub component is affected.

This vulnerability affects the following supported versions:
11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0

Information

Bugtraq ID: 97753
Class: Unknown
CVE: CVE-2017-3540

Remote: Yes
Local: No
Published: Apr 18 2017 12:00AM
Updated: Apr 22 2017 12:05AM
Credit: Jussi of CERT-FI
Vulnerable: Oracle WebCenter Sites 11.1.1 8.0
Oracle WebCenter Sites 12.2.1.2.0
Oracle WebCenter Sites 12.2.1.1.0
Oracle WebCenter Sites 12.2.1.0.0
Oracle Fusion Middleware 11.1.1 8.0
Oracle Fusion Middleware 12.2.1.2.0
Oracle Fusion Middleware 12.2.1.1
Oracle Fusion Middleware 12.2.1.0.0

Not Vulnerable:

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References:

Oracle Homepage (Oracle)
Oracle Critical Patch Update Advisory - April 2017 (Oracle)

Source: www.securityfocus.com

Exploit Collector

Search Exploit