oracle application-development-framework CVE-2019-2899 vulnerability in Oracle Products
Published on October 16, 2019

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: OAM). Supported versions that are affected are 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle JDeveloper and ADF accessible data. CVSS 3.0 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).

NVD


Products Associated with CVE-2019-2899

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-2899 are published in these products:

Oracle Application Development Framework
 
Oracle Jdeveloper
 
Oracle Peoplesoft Enterprise Scm Purchasing
 
Oracle Hyperion Financial Management
 

Affected Versions

Oracle Corporation Hyperion Financial Management Version 11.1.2.4 is affected by CVE-2019-2899

Exploit Probability

EPSS
0.37%
Percentile
58.33%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.