Oracle WebCenter Sites CVE-2017-3602 Remote Security Vulnerability

Oracle Fusion Middleware is prone to a remote security vulnerability in Oracle WebCenter Sites.

The vulnerability can be exploited over the 'HTTP' protocol. The 'Advanced UI' sub component is affected.

This vulnerability affects the following supported versions:
11.1.1.8.0, 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0

Information

Bugtraq ID: 97823
Class: Unknown
CVE: CVE-2017-3602

Remote: Yes
Local: No
Published: Apr 18 2017 12:00AM
Updated: Apr 19 2017 01:03AM
Credit: Spyridon Chatzimichail of OTE Hellenic Telecommunications Organization S.A.
Vulnerable: Oracle Fusion Middleware 11.1.1 8.0
Oracle Fusion Middleware 12.2.1.2.0
Oracle Fusion Middleware 12.2.1.1
Oracle Fusion Middleware 12.2.1.0.0

Not Vulnerable:

Exploit

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References:

Oracle Homepage (Oracle)
Oracle Critical Patch Update Advisory - April 2017 (Oracle)

Source: www.securityfocus.com

Exploit Collector

Search Exploit