all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2023-22029 (commerce_guided_search)

Add to bookmarks
Oct. 17, 2023, 10:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Vulnerability in the Oracle Commerce Guided Search product of Oracle Commerce (component: Workbench). The supported version that is affected is 11.3.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Commerce Guided Search. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Commerce Guided Search, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or …

access attacker attacks commerce compromise cve http human network network access oracle product search unauthenticated version vulnerability workbench

Visit resource

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months, 1 week ago | web.nvd.nist.gov
attackers cve denial of service issue +1
CVE-2023-40101 (android) 6 months, 1 week ago | web.nvd.nist.gov
android check collapse cve +7
CVE-2023-21377 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass cve disclosure +8
CVE-2023-21380 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bluetooth buffer buffer overflow +9
CVE-2023-21382 (android) 6 months, 1 week ago | web.nvd.nist.gov
access android check cve +11
CVE-2023-21381 (android) 6 months, 1 week ago | web.nvd.nist.gov
android arbitrary code code code execution +10
CVE-2023-21385 (android) 6 months, 1 week ago | web.nvd.nist.gov
android corruption cve disclosure +7
CVE-2023-21387 (android) 6 months, 1 week ago | web.nvd.nist.gov
android backup bypass cve +11
CVE-2023-21389 (android) 6 months, 1 week ago | web.nvd.nist.gov
android bypass check cve +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Senior Associate, Cybersecurity Operations

@ Ares Management Corporation | Los Angeles, CA - CULVER CITY
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Peraton | Fort Gordon, GA, United States
View on infosec-jobs.com

Senior DevSecOps Engineer

@ Diverto | Zagreb, Croatia
View on infosec-jobs.com

Lead DevSecOps Engineer

@ DTCC | Tampa, FL, United States
View on infosec-jobs.com

Incident Responder (Fraud Threat Management)

@ Scotiabank | Toronto, ON, CA, M5H1H1
View on infosec-jobs.com

Penetration Tester, Expert (Federal agency) - Tysons, VA - Full Time

@ iSoftTek Solutions | Tysons, Virginia, United States
View on infosec-jobs.com
View more jobs