First published: Tue Jan 17 2023(Updated: )
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Demantra Demand Management accessible data. CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).
Credit: secalert_us@oracle.com secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Oracle Demantra Demand Management | =12.1 | |
Oracle Demantra Demand Management | =12.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this Oracle Demantra Demand Management vulnerability is CVE-2023-21850.
The affected component for this vulnerability is E-Business Collections.
Versions 12.1 and 12.2 of Oracle Demantra Demand Management are affected.
The severity rating of this vulnerability is high with a score of 7.5.
An unauthenticated attacker with network access via HTTP can exploit this vulnerability.
Please refer to the Oracle Security Alerts website for information on available fixes.