oracle application-development-framework CVE-2019-2904 vulnerability in Oracle Products
Published on October 16, 2019

product logo product logo
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

NVD


Products Associated with CVE-2019-2904

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-2904 are published in these products:

Oracle Application Development Framework
 
Oracle Jdeveloper
 
Oracle Application Testing Suite
 
Oracle Banking Enterprise Collections
 
Oracle Banking Enterprise Originations
 
Oracle Banking Enterprise Product Manufacturing
 
Oracle Banking Platform
 
Oracle Business Process Management Suite
 
Oracle Clinical
 
Oracle Communications Diameter Signaling Router
 
Oracle Communications Network Integrity
 
Oracle Communications Service Broker
 
Oracle Communications Services Gatekeeper
 
Oracle Enterprise Repository
 
Oracle Financial Services Lending Leasing
 
Oracle Financial Services Revenue Management Billing Analytics
 
Oracle Flexcube Private Banking
 
Oracle Health Sciences Data Management Workbench
 
Oracle Hyperion Planning
 
Oracle MySQL
 
Oracle Rapid Planning
 
Oracle Retail Assortment Planning
 
Oracle Retail Clearance Optimization Engine
 
Oracle Retail Markdown Optimization
 
Oracle Retail Sales Audit
 

Affected Versions

Oracle Corporation Enterprise Repository: Oracle Corporation Rapid Planning:

Exploit Probability

EPSS
12.61%
Percentile
93.81%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.