CVE-2019-2713 is a vulnerability in Oracle Commerce Merchandising
Published on April 23, 2019
Vulnerability in the Oracle Commerce Merchandising component of Oracle Commerce (subcomponent: Asset Manager). The supported version that is affected is 11.2.0.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Merchandising. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Commerce Merchandising accessible data as well as unauthorized read access to a subset of Oracle Commerce Merchandising accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).
Products Associated with CVE-2019-2713
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-2713 are published in Oracle Commerce Merchandising:
Affected Versions
Oracle Corporation Commerce Merchandising Version 11.2.0.3 is affected by CVE-2019-2713Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.