CVE-2008-4014 : Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle

Unspecified vulnerability in the Oracle BPEL Process Manager component in Oracle Application Server allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

Published 2009-01-14 02:30:00

Updated 2012-10-23 02:53:15

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2008-4014

Oracle » Application Server » Version: 4.0
cpe:2.3:a:oracle:application_server:4.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 4.0.8.2
cpe:2.3:a:oracle:application_server:4.0.8.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2
cpe:2.3:a:oracle:application_server:1.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2
cpe:2.3:a:oracle:application_server:9.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.2
cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.1s
cpe:2.3:a:oracle:application_server:1.0.2.1s:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2.0.0
cpe:2.3:a:oracle:application_server:9.0.2.0.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2.0.1
cpe:2.3:a:oracle:application_server:9.0.2.0.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2.1
cpe:2.3:a:oracle:application_server:9.0.2.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2 Update R2
cpe:2.3:a:oracle:application_server:9.0.2:r2:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 4.0.8
cpe:2.3:a:oracle:application_server:4.0.8:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.3.1
cpe:2.3:a:oracle:application_server:9.0.3.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.4
cpe:2.3:a:oracle:application_server:9.0.4:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2.2
cpe:2.3:a:oracle:application_server:9.0.2.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.4.0
cpe:2.3:a:oracle:application_server:9.0.4.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.4.1
cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.2.3
cpe:2.3:a:oracle:application_server:9.0.2.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.3
cpe:2.3:a:oracle:application_server:9.0.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.2.2
cpe:2.3:a:oracle:application_server:1.0.2.2.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.0.2
cpe:2.3:a:oracle:application_server:10.1.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.0.3
cpe:2.3:a:oracle:application_server:10.1.0.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.0.3.1
cpe:2.3:a:oracle:application_server:10.1.0.3.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2
cpe:2.3:a:oracle:application_server:10.1.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.2.0.6
cpe:2.3:a:oracle:application_server:9.2.0.6:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0.0
cpe:2.3:a:oracle:application_server:10.1.2.0.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0.1
cpe:2.3:a:oracle:application_server:10.1.2.0.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.4.2
cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0.2
cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0
cpe:2.3:a:oracle:application_server:9.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0
cpe:2.3:a:oracle:application_server:1.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0
cpe:2.3:a:oracle:application_server:10.1.2.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.2 Update R1
cpe:2.3:a:oracle:application_server:1.0.2.2:r1:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0.2 Update R2
cpe:2.3:a:oracle:application_server:10.1.2.0.2:r2:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 6.0.8.26 Ps17
cpe:2.3:a:oracle:application_server:6.0.8.26_ps17:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.1
cpe:2.3:a:oracle:application_server:10.1.2.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.1.0
cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.0
cpe:2.3:a:oracle:application_server:1.0.2.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.1
cpe:2.3:a:oracle:application_server:1.0.2.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.0.4
cpe:2.3:a:oracle:application_server:10.1.0.4:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.2.0.7
cpe:2.3:a:oracle:application_server:9.2.0.7:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2 .0.1
cpe:2.3:a:oracle:application_server:10.1.2_.0.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0.0 Update R2
cpe:2.3:a:oracle:application_server:10.1.2.0.0:r2:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.0.1 Update R2
cpe:2.3:a:oracle:application_server:10.1.2.0.1:r2:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.0.0
cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.0
cpe:2.3:a:oracle:application_server:10.1.3.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 9.0.4.3
cpe:2.3:a:oracle:application_server:9.0.4.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3
cpe:2.3:a:oracle:application_server:10.1.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.2
cpe:2.3:a:oracle:application_server:10.1.2.2:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.4.0
cpe:2.3:a:oracle:application_server:10.1.4.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 7.0.4.4
cpe:2.3:a:oracle:application_server:7.0.4.4:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.2.0
cpe:2.3:a:oracle:application_server:10.1.3.2.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.4.1.0
cpe:2.3:a:oracle:application_server:10.1.4.1.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 11I
cpe:2.3:a:oracle:application_server:11i:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.2.0
cpe:2.3:a:oracle:application_server:10.1.2.2.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 1.0.2.2 Update R2
cpe:2.3:a:oracle:application_server:1.0.2.2:r2:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.3.0
cpe:2.3:a:oracle:application_server:10.1.3.3.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.1.0
cpe:2.3:a:oracle:application_server:10.1.3.1.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.1
cpe:2.3:a:oracle:application_server:10.1.3.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.3.3
cpe:2.3:a:oracle:application_server:10.1.3.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.4.1
cpe:2.3:a:oracle:application_server:10.1.4.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.4.0.1
cpe:2.3:a:oracle:application_server:10.1.4.0.1:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.1.2.3
cpe:2.3:a:oracle:application_server:10.1.2.3:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 10.2.0.0
cpe:2.3:a:oracle:application_server:10.2.0.0:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 3.0.7
cpe:2.3:a:oracle:application_server:3.0.7:*:*:*:*:*:*:*
Matching versions
Oracle » Application Server » Version: 8.1.7
cpe:2.3:a:oracle:application_server:8.1.7:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2008-4014

Top countries where our scanners detected CVE-2008-4014

Top open port discovered on systems with this issue 1521

IPs affected by CVE-2008-4014 3,295

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2008-4014!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2008-4014

EPSS FAQ

0.67%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 80 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2008-4014

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
5.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:N	8.0	4.9	NIST
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: None

References for CVE-2008-4014

Jump to

Vulnerability Details : CVE-2008-4014

Products affected by CVE-2008-4014

Threat overview for CVE-2008-4014

Exploit prediction scoring system (EPSS) score for CVE-2008-4014

CVSS scores for CVE-2008-4014

References for CVE-2008-4014