Back to Advisories
🔔 CVE Advisory

CVE-2020-2838

Oracle E-business Suite

Oracle E-Business Suite version 12.1.1-12.1.3 allows remote attackers to manipulate paths to read files arbitrarily without authentication due to improper input validation.

Year 2021
Published August 30, 2021

Advisory Information

Affected Product Oracle E-business Suite
Title CVE-2020-2838
Description

Oracle E-Business Suite version 12.1.1-12.1.3 allows remote attackers to manipulate paths to read files arbitrarily without authentication due to improper input validation.

Year 2021
Published Date August 30, 2021
View Full CVE Advisory

Affected Vendors

O
Oracle

Research Team

Nguyen Tuan Anh
Nguyen Tuan Anh
Senior Redteamer