Medium severity4.3NVD Advisory· Published Apr 19, 2018· Updated Jun 17, 2026
CVE-2018-2874
CVE-2018-2874
Description
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows physical access to compromise Oracle Application Object Library. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Object Library accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
Affected products
2=12.1.3+ 1 more
- (no CPE)range: =12.1.3
- (no CPE)range: 12.1.3
Patches
Vulnerability mechanics
References
3- www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/103878nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/id/1040694nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.