What is the severity of CVE-2007-2170?

CVE-2007-2170 is considered a serious vulnerability due to its potential to allow unauthorized deletion of arbitrary nodes in Oracle E-Business Suite.

How do I fix CVE-2007-2170?

To fix CVE-2007-2170, apply the latest patch provided in the Oracle Critical Patch Update for April 2007.

What systems are affected by CVE-2007-2170?

CVE-2007-2170 affects the Oracle E-Business Suite software.

Can CVE-2007-2170 be exploited remotely?

Yes, CVE-2007-2170 can be exploited remotely without needing valid session authentication.

What is the main issue with CVE-2007-2170?

The main issue with CVE-2007-2170 is the lack of session validation in the APPLSYS.FND_DM_NODES package, allowing unauthorized operations.

Vulnerability/
CVE-2007-2170

critical

9.4

CWE

NVD-CWE-Other

24/4/2007

7/8/2024

CVE-2007-2170

First published: Tue Apr 24 2007(Updated: )

The APPLSYS.FND_DM_NODES package in Oracle E-Business Suite does not check for valid sessions, which allows remote attackers to delete arbitrary nodes. NOTE: due to lack of details from Oracle, it is not clear whether this issue is related to other CVE identifiers such as CVE-2007-2126, CVE-2007-2127, or CVE-2007-2128.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Oracle E-Business Suite

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-2170?
CVE-2007-2170 is considered a serious vulnerability due to its potential to allow unauthorized deletion of arbitrary nodes in Oracle E-Business Suite.
How do I fix CVE-2007-2170?
To fix CVE-2007-2170, apply the latest patch provided in the Oracle Critical Patch Update for April 2007.
What systems are affected by CVE-2007-2170?
CVE-2007-2170 affects the Oracle E-Business Suite software.
Can CVE-2007-2170 be exploited remotely?
Yes, CVE-2007-2170 can be exploited remotely without needing valid session authentication.
What is the main issue with CVE-2007-2170?
The main issue with CVE-2007-2170 is the lack of session validation in the APPLSYS.FND_DM_NODES package, allowing unauthorized operations.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/remedy
agent/author
agent/severity
agent/last-modified-date
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/oracle
canonical/oracle e-business suite

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2007-2170

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2007-2170?

How do I fix CVE-2007-2170?

What systems are affected by CVE-2007-2170?

Can CVE-2007-2170 be exploited remotely?

What is the main issue with CVE-2007-2170?

Company

Resources

Contact