Is CVE-2005-3455 being actively exploited?

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 4%.

What products does CVE-2005-3455 affect?

Tracked products affected include E-Business Suite. Check the version you run to see whether it is affected.

How do I fix CVE-2005-3455?

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2005-3455

Q: What is CVE-2005-3455?

CVE-2005-3455 is a high-severity software vulnerability with a CVSS score of 10. Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Install; (2) APPS02 and (3) APPS03 in Applic

HIGH severity · CVSS 10

10CVSS HIGH

Summary

Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5 up to 11.5.10 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) APPS01 in Application Install; (2) APPS02 and (3) APPS03 in Application Object Library; (4) APPS05 and (5) APPS06 in Applications Technology Stack; (6) APPS07 in Applications Utilities; (7) APPS09, (8) APPS10, and (9) APPS11 in HRMS; (10) APPS12 in Mobile Application Foundation; (11) APPS13 in SDP Number Portability; (12) APPS14 in Oracle Service; (13) APPS15 in Service Fulfillment Manage, (14) APPS16 in Universal Work Queue; and (15) APPS20 in Workflow Cartridge.

Impact & exploitability

Attack vectorNetwork

Attack complexityLow

Privileges required—

User interaction—

Confidentiality impact—

Integrity impact—

Availability impact—

Exploit probability (EPSS)4%

AV:N/AC:L/Au:N/C:C/I:C/A:C

Affected products we track (1)

E-Business Suite

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

CVE-2005-3455

Summary

Impact & exploitability

Affected products we track (1)

Recommendation

Additional information