Vulnerability Details : CVE-2014-4229
Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, and 6.3.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Data, Domain, and Function Security.
Products affected by CVE-2014-4229
- cpe:2.3:a:oracle:supply_chain_products_suite:6.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:supply_chain_products_suite:6.3.4:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-4229
0.31%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-4229
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:N |
8.0
|
4.9
|
NIST |
References for CVE-2014-4229
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://www.securitytracker.com/id/1030582
Oracle Supply Chain Products Suite Bugs Let Remote Users Partially Access and Modify Data - SecurityTracker
-
http://www.securityfocus.com/bid/68640
Oracle Transportation Management CVE-2014-4229 Remote Security Vulnerability
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94574
Oracle Transportation Management DDFS unspecified CVE-2014-4229 Vulnerability Report
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
Jump to