CVE-2020-2889 is a vulnerability in Oracle Customer Relationship Management Technical Foundation
Published on April 15, 2020
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle CRM Technical Foundation. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle CRM Technical Foundation accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
Products Associated with CVE-2020-2889
Want to know whenever a new CVE is published for Oracle Customer Relationship Management Technical Foundation? stack.watch will email you.
Affected Versions
Oracle Corporation CRM Technical Foundation:- Version 12.1.3 is affected.
- Version 12.2.3-12.2.9 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.