What is CVE-2015-8965?

CVE-2015-8965 is a critical-severity vulnerability in Oracle Data_integrator, classified under CWE-264. CVSS score: 9.8/10. Published 2017-04-06.

How severe is CVE-2015-8965?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Oracle Data_integrator

CVE-2015-8965

Rogue Wave JViews before 8.8 patch 21 and 8.9 before patch 1 allows remote attackers to execute arbitrary Java code that exists in the classpath, such as test code or administration code. The issue exists because the ilog.views.faces.IlvFa…

EPSS: 0.014 (80.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Oracle Data_integrator — versions 12.2.1.3.0, 12.2.1.4.0
Perforce Jviews — versions 8.9
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (x_refsource_CONFIRM, Patch)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM, Vendor Advisory)

Frequently asked questions

What is CVE-2015-8965?: CVE-2015-8965 is a critical-severity vulnerability in Oracle Data_integrator, classified under CWE-264. CVSS score: 9.8/10. Published 2017-04-06.
How severe is CVE-2015-8965?: Critical severity. CVSS v3 base score is 9.8 out of 10.