CVE-2020-14855
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2020-14855
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Universal Work Queue. Successful attacks of this vulnerability can result in takeover of Oracle Universal Work Queue. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Oracle Universal Work Queue 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Oracle Universal Work Queue是美国甲骨文(Oracle)公司的一种灵活的工作演示和访问工具。该软件可提供对工作的集中查看,访问请求,组织工作,从而提高效率和生产率。 Oracle Universal Work Queue 12.1.3版本存在安全漏洞,攻击者可利用该漏洞通过HTTP网络访问Oracle通用工作队列。成功攻击该漏洞可导致接管Oracle Universal Work Queue。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Oracle Corporation | Universal Work Queue | 12.1.3 | - |
II. Public POCs for CVE-2020-14855
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2020-14855
请登录查看更多情报信息。
- https://www.oracle.com/security-alerts/cpuoct2020.htmlx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2020-14855
Same Patch Batch · Oracle Corporation · 2020-10-21 · 160 CVEs total
| CVE-2020-14871 | 10.0 CRITICAL | Oracle Solaris 缓冲区错误漏洞 |
| CVE-2020-14859 | 9.8 CRITICAL | Oracle WebLogic Server Core 安全漏洞 |
| CVE-2020-14841 | 9.8 CRITICAL | Oracle WebLogic Server Core 安全漏洞 |
| CVE-2020-14882 | 9.8 CRITICAL | Oracle WebLogic Server 安全漏洞 |
| CVE-2020-14825 | 9.8 CRITICAL | Oracle WebLogic Server Core 安全漏洞 |
| CVE-2020-14876 | 9.1 CRITICAL | Oracle Trade Management 安全漏洞 |
| CVE-2020-14805 | 9.1 CRITICAL | IBM Oracle E-Business Suite Secure Enterprise Search 安全漏洞 |
| CVE-2020-14875 | 9.1 CRITICAL | Oracle Marketing--Marketing Administration 安全漏洞 |
| CVE-2020-14735 | 8.8 HIGH | Oracle Database Server Scheduler component 安全漏洞 |
| CVE-2020-14862 | 8.8 HIGH | Oracle Universal Work Queue 安全漏洞 |
| CVE-2020-14824 | 8.6 HIGH | Oracle Financial Services Analytical Applications Infrastructure 安全漏洞 |
| CVE-2020-14879 | 8.5 HIGH | Oracle BI Publisher 安全漏洞 |
| CVE-2020-14880 | 8.5 HIGH | Oracle BI Publisher 安全漏洞 |
| CVE-2020-14863 | 8.2 HIGH | Oracle One-to-One Fulfillment 安全漏洞 |
| CVE-2020-14808 | 8.2 HIGH | Oracle Trade Management 安全漏洞 |
| CVE-2020-14857 | 8.2 HIGH | Oracle E-Business Suite Trade Management product 安全漏洞 |
| CVE-2020-14842 | 8.2 HIGH | Oracle BI Publisher 安全漏洞 |
| CVE-2020-14872 | 8.2 HIGH | Oracle VM VirtualBox Core 安全漏洞 |
| CVE-2020-14833 | 8.2 HIGH | Oracle Trade Management 授权问题漏洞 |
| CVE-2020-14834 | 8.2 HIGH | Oracle Trade Management 安全漏洞 |
Showing top 20 of 160 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Universal Work Queue
V. Comments for CVE-2020-14855
No comments yet