Vulnerability Details : CVE-2014-4257
Unspecified vulnerability in the Oracle WebCenter Portal component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.8.0 allows remote attackers to affect confidentiality via unknown vectors related to Portlet Services.
Exploit prediction scoring system (EPSS) score for CVE-2014-4257
Probability of exploitation activity in the next 30 days: 0.41%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-4257
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.1
|
HIGH | AV:N/AC:M/Au:N/C:C/I:N/A:N |
8.6
|
6.9
|
NIST |
References for CVE-2014-4257
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94541
Oracle WebCenter Portal Portlet Services information disclosure CVE-2014-4257 Vulnerability Report
-
http://www.securityfocus.com/bid/68563
Oracle WebCenter Portal CVE-2014-4257 Remote Security Vulnerability
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
Products affected by CVE-2014-4257
- cpe:2.3:a:oracle:fusion_middleware:11.1.1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.0:*:*:*:*:*:*:*