How severe is CVE-2017-3280?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2017-3280?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2017-3280 - MEDIUM Severity | CVSS 4.7

Vulnerability Description

Vulnerability in the Oracle Partner Management component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Partner Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. CVSS v3.0 Base Score 4.7 (Integrity impacts).

Related Vulnerabilities

CVE-2016-9263

MEDIUM

CVSS:4.7(Medium)

WordPress through 4.8.2, when domain-based flashmediaelement.swf sandboxing is not used, allows remote attackers to conduct cross-domain Flash injection (XSF) attacks by leveraging code contained with...

CWE-202016

CVE-2017-0354

MEDIUM

CVSS:4.7(Medium)

All versions of the NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer handler for DxgkDdiEscape where a call to certain function requiring lower IRQL can be made under...

CWE-202017

CVE-2017-15333

MEDIUM

CVSS:4.7(Medium)

XML parser in Huawei S12700 V200R005C00,S1700 V200R009C00, V200R010C00,S3700 V100R006C03, V100R006C05,S5700 V200R001C00, V200R002C00, V200R003C00, V200R003C02, V200R005C00, V200R006C00, V200R007C00, V...

CWE-202017

CVE-2017-15346

MEDIUM

CVSS:4.7(Medium)

CWE-202017

CVE-2017-18103

MEDIUM

CVSS:4.7(Medium)

The atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a c...

CWE-202017

CVE-2017-18430

MEDIUM

CVSS:4.7(Medium)

In cPanel before 66.0.2, user and group ownership may be incorrectly set when using reassign_post_terminate_cruft (SEC-294).

CWE-202017