CVE-2014-6556 — MEDIUM (4.6)

Vulnerability Description

Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to AD_DDL.

CVSS Score

4.6

MEDIUM

AV:N/AC:H/Au:S/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Oracle	E-Business Suite	11.5.10.2

References

http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatchVendor Advisory
http://www.securitytracker.com/id/1031579
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatchVendor Advisory
http://www.securitytracker.com/id/1031579

FAQ

What is CVE-2014-6556?

CVE-2014-6556 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Unspecified vulnerability in the Oracle Applications DBA component in Oracle E-Business Suite 11.5.10.2, 12.0.6, 12.1.3, 12.2.2, 12.2.3, and 12.2.4 allows remote authenticated users to affect confiden...

How severe is CVE-2014-6556?

CVE-2014-6556 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-6556?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle E-Business Suite.