CVE-2013-5871

low

Published 2014-01-15 · Modified 2026-04-29

CVSS v3

—

CVSS v2

3.5

VIR risk

3.5

Description

Unspecified vulnerability in the Oracle AutoVue Electro-Mechanical Professional component in Oracle Supply Chain Products Suite 20.1.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Web General, a different vulnerability than CVE-2013-5868 and CVE-2014-0444.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Application impact

Vendor	Product	Versions	Fixed
oracle	supply_chain_products_suite	`20.1.1`

References

http://osvdb.org/102087
http://secunia.com/advisories/56473
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/64872
http://www.securitytracker.com/id/1029620
http://osvdb.org/102087
http://secunia.com/advisories/56473
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/64872
http://www.securitytracker.com/id/1029620

Verify integrity in audit chain (admin only). AS-IS.