CVE-2017-10184

MEDIUM

Oracle E-Business Suite Wireless/WAP <12.2.6 - Info Disclosure

Title source: llm

Description

Vulnerability in the Oracle Field Service component of Oracle E-Business Suite (subcomponent: Wireless/WAP). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Field Service. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Field Service accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

References (3)

Scores

CVSS v3 5.3
EPSS 0.0056
EPSS Percentile 68.2%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published
Products (14)
oracle/field_service
oracle/field_service
oracle/field_service
oracle/field_service
oracle/field_service
oracle/field_service
oracle/field_service
Oracle Corporation/Field Service < 12.1.1
Oracle Corporation/Field Service < 12.1.2
Oracle Corporation/Field Service < 12.1.3
... and 4 more
Published Aug 08, 2017
Tracked Since Feb 18, 2026