Vulnerability in Oracle Supply_chain_products_suite

CVE-2014-0372

Unspecified vulnerability in the Oracle Demantra Demand Management component in Oracle Supply Chain Products Suite 7.2.0.3 SQL-Server, 7.3.0, 7.3.1, 12.2.1, and 12.2.2 allows remote authenticated users to affect confidentiality and integri…

EPSS: 0.205 (95.7th percentile) — read the EPSS interpretation.

Affected products

Oracle Supply_chain_products_suite — versions 7.2.0.3
Oracle Supply_chain_products_suite_sql-server — versions 7.3.0, 7.3.1, 12.2.0
N/a — versions n/a

References

31993 (exploit, x_refsource_EXPLOIT-DB)
20140228 CVE-2014-0372 - SQL Injection in Oracle Demantra (mailing-list, x_refsource_BUGTRAQ)
102103 (x_refsource_OSVDB, vdb-entry)
1029620 (vdb-entry, x_refsource_SECTRACK)
64826 (vdb-entry, x_refsource_BID)
56474 (x_refsource_SECUNIA, third-party-advisory)
64758 (vdb-entry, x_refsource_BID)
secalert_us@oracle.com (x_refsource_CONFIRM, Vendor Advisory)