Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2019-2904

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

  • Published: Oct 16, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-2904
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
oracle / flexcube_private_banking 12.1.0 12.1.0.x
oracle / banking_platform 2.4.0 2.4.0.x
oracle / flexcube_private_banking 12.0.0 12.0.0.x
oracle / banking_platform 2.4.1 2.4.1.x
oracle / banking_platform 2.5.0 2.5.0.x
oracle / enterprise_repository 11.1.1.7.0 11.1.1.7.0.x
oracle / application_testing_suite 12.5.0.3 12.5.0.3.x
oracle / business_process_management_suite 12.2.1.3.0 12.2.1.3.0.x
oracle / application_testing_suite 13.1.0.1 13.1.0.1.x
oracle / application_testing_suite 13.2.0.1 13.2.0.1.x
oracle / application_testing_suite 13.3.0.1 13.3.0.1.x
oracle / banking_platform 2.6.0 2.6.0.x
oracle / banking_platform 2.6.1 2.6.1.x
oracle / banking_platform 2.6.2 2.6.2.x
oracle / communications_service_broker 6.0 6.0.x
oracle / retail_clearance_optimization_engine 14.0.5 14.0.5.x
oracle / hyperion_planning 11.1.2.4 11.1.2.4.x
oracle / communications_diameter_signaling_router 8.0.0.0 8.4.0.5.x
oracle / retail_assortment_planning 15.0.3.0 15.0.3.0.x
oracle / retail_assortment_planning 16.0.3.0 16.0.3.0.x
oracle / banking_platform 2.7.0 2.7.0.x
oracle / banking_platform 2.7.1 2.7.1.x
oracle / banking_platform 2.9.0 2.9.0.x
oracle / financial_services_lending_and_leasing 12.5.0 12.5.0.x
oracle / communications_network_integrity 7.3.2 7.3.6.x
oracle / business_process_management_suite 12.2.1.4.0 12.2.1.4.0.x
oracle / communications_services_gatekeeper 6.0 6.0.x
oracle / communications_services_gatekeeper 6.1 6.1.x
oracle / retail_sales_audit 15.0.3 15.0.3.x
oracle / retail_clearance_optimization_engine 14.0.3 14.0.3.x
oracle / retail_sales_audit 16.0.2 16.0.2.x
oracle / retail_markdown_optimization 13.4 13.4.x
oracle / health_sciences_data_management_workbench 2.5 2.5.x
oracle / financial_services_revenue_management_and_billing_analytics 2.6 2.6.x
oracle / financial_services_revenue_management_and_billing_analytics 2.7 2.7.x
oracle / financial_services_revenue_management_and_billing_analytics 2.8 2.8.x
oracle / rapid_planning 12.1.3 12.1.3.x
oracle / financial_services_lending_and_leasing 14.1.0 14.2.0.x
oracle / communications_service_broker 6.1 6.1.x
oracle / banking_enterprise_collections 2.7.0 2.7.0.x
oracle / banking_enterprise_collections 2.8.0 2.8.0.x
oracle / banking_enterprise_originations 2.8.0 2.8.0.x
oracle / banking_enterprise_originations 2.7.0 2.7.0.x
oracle / banking_enterprise_product_manufacturing 2.7.0 2.7.0.x
oracle / banking_enterprise_product_manufacturing 2.8.0 2.8.0.x
oracle / retail_clearance_optimization_engine 13.4 13.4.x
oracle / clinical 5.2 5.2.x
oracle / health_sciences_data_management_workbench 2.4 2.4.x