Oracle Access Manager (CVE-2014-2404) WebGate Subcomponent Unspecified Remote Information Disclosure

http://www.osvdb.org/show/osvdb/105842

Oracle Access Manager contains an unspecified flaw related to the WebGate subcomponent. This may allow an authenticated remote attacker to have an impact on confidentiality. No further details have been provided by the vendor.
Location: Remote / Network Access
Attack Type: Attack Type Unknown
Impact: Loss of Confidentiality
Solution: Patch / RCS
Exploit: Exploit Unknown
Disclosure: Vendor Verified
OSVDB: Authentication Required, Web Related

Reporter:Wang Jing
(http://www.tetraph.com/wangjing)

Known Affiliations:

 

 

 

http://www.osvdb.org/creditees/12822-wang-jing

Known Contact Information:

  • None at this time

Known Affiliations:

Disclosed Vulnerabilities (3):

Disc. Date OSVDB ID CVEID Title
2014-05-02 106567 OAuth / OpenID Unspecified Application Redirect Weakness
2014-04-15 105843 2014-2452 Oracle Access Manager Webserver Plugin Subcomponent Unspecified Remote DoS
2014-04-15 105842 2014-2404 Oracle Access Manager WebGate Subcomponent Unspecified Remote Information Disclosure
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s