Oracle.E-Business.Suite.Arbitrary.Document.Download
Description
This vulnerability allows remote attackers to download any existing
document in the APPS.FND_DOCUMENTS table from vulnerable installations of
Oracle E-Business Suite. Authentication is not required to exploit this
vulnerability.
Affected Products
Oracle E-Business Suite Release 11i, versions 11.5.7 - 11.5.10 CU2
Oracle E-Business Suite Release 12, version 12.0.0
Impact
Arbitrary document download.
Recommended Actions
Please refer to http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2007.html for the latest update.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2020-12-11 | 16.978 | |
2019-11-22 | 15.729 | Name:Oracle. EBusiness. Suite. Arbitrary. Document. Download:Oracle. E-Business. Suite. Arbitrary. Document. Download |