Application Object Library
CVE-2019-3027
MEDIUM
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Lifecycle Timeline
1DescriptionNVD
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Application Object Library. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
AnalysisAI
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Technical ContextAI
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Login Help). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Object Library. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Application Object Library. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). Affected products include: Oracle Application Object Library.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Application Object Library
View allVulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: iHelp). Rated
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Flexfields).
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Attachments /
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Profiles). Rated h
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics).
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Rated high
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: DB Privileges). Ra
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: GUI). Rated medium
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2 allows
Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Rated mediu
Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3,
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today