CVE-2006-1884

Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.

Published: 2006-04-20 Last update: 2026-04-16 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2006-1884 is rated High Risk (73.6/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 3.84%). EPSS rose +2.51% over the last day, indicating growing attacker interest. High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2006-1884

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 1.32% 3.84% +2.51%
2 2025-05-14 1.35% 1.32% -0.03%
3 2025-03-30 1.35%

Full EPSS history (11 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-1884

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2006-1884

NVD evaluator notes for CVE-2006-1884

Solution: The vendor has addressed this issue through the release of product updates: http://www.oracle.com/technology/deploy/security/pdf/cpuapr2006.html

Affected software / configurations for CVE-2006-1884

Vendor Product Version Raw CPE
jdedwards enterpriseone_tools 8.95 cpe:2.3:a:jdedwards:enterpriseone_tools:8.95:*:*:*:*:*:*:*
jdedwards enterpriseone_tools 8.95.j1 cpe:2.3:a:jdedwards:enterpriseone_tools:8.95.j1:*:*:*:*:*:*:*
oneworld oneworld_tools 8.95 cpe:2.3:a:oneworld:oneworld_tools:8.95:*:*:*:*:*:*:*
oneworld oneworld_tools 8.95.j1 cpe:2.3:a:oneworld:oneworld_tools:8.95.j1:*:*:*:*:*:*:*
oracle application_server 1.0.2.2 cpe:2.3:a:oracle:application_server:1.0.2.2:*:*:*:*:*:*:*
oracle application_server 9.0.4.1 cpe:2.3:a:oracle:application_server:9.0.4.1:*:*:*:*:*:*:*
oracle application_server 9.0.4.2 cpe:2.3:a:oracle:application_server:9.0.4.2:*:*:*:*:*:*:*
oracle application_server 10.1.2.0.0 cpe:2.3:a:oracle:application_server:10.1.2.0.0:*:*:*:*:*:*:*
oracle application_server 10.1.2.0.1 cpe:2.3:a:oracle:application_server:10.1.2.0.1:*:*:*:*:*:*:*
oracle application_server 10.1.2.0.2 cpe:2.3:a:oracle:application_server:10.1.2.0.2:*:*:*:*:*:*:*
oracle application_server 10.1.2.1.0 cpe:2.3:a:oracle:application_server:10.1.2.1.0:*:*:*:*:*:*:*
oracle application_server 10.1.3.0.0 cpe:2.3:a:oracle:application_server:10.1.3.0.0:*:*:*:*:*:*:*
oracle collaboration_suite 9.0.4.2 cpe:2.3:a:oracle:collaboration_suite:9.0.4.2:*:*:*:*:*:*:*
oracle collaboration_suite_10g_release_1 10.1.1 cpe:2.3:a:oracle:collaboration_suite_10g_release_1:10.1.1:*:*:*:*:*:*:*
oracle collaboration_suite_10g_release_1 10.1.2.0 cpe:2.3:a:oracle:collaboration_suite_10g_release_1:10.1.2.0:*:*:*:*:*:*:*
oracle collaboration_suite_10g_release_1 10.1.2.1 cpe:2.3:a:oracle:collaboration_suite_10g_release_1:10.1.2.1:*:*:*:*:*:*:*
oracle database_server 8.0.6.3 cpe:2.3:a:oracle:database_server:8.0.6.3:*:*:*:*:*:*:*
oracle database_server 8.1.7.4 cpe:2.3:a:oracle:database_server:8.1.7.4:*:*:*:*:*:*:*
oracle database_server 9.0.1.4 cpe:2.3:a:oracle:database_server:9.0.1.4:*:*:*:*:*:*:*
oracle database_server 9.0.1.5 cpe:2.3:a:oracle:database_server:9.0.1.5:*:*:*:*:*:*:*
oracle database_server 9.2.0.6 cpe:2.3:a:oracle:database_server:9.2.0.6:*:*:*:*:*:*:*
oracle database_server 9.2.0.7 cpe:2.3:a:oracle:database_server:9.2.0.7:*:*:*:*:*:*:*
oracle database_server 10.2.0.1 cpe:2.3:a:oracle:database_server:10.2.0.1:*:*:*:*:*:*:*
oracle database_server 10.2.0.2 cpe:2.3:a:oracle:database_server:10.2.0.2:*:*:*:*:*:*:*
oracle database_server 10.2.0.4 cpe:2.3:a:oracle:database_server:10.2.0.4:*:*:*:*:*:*:*
oracle database_server 10.2.0.4.2 cpe:2.3:a:oracle:database_server:10.2.0.4.2:*:*:*:*:*:*:*
oracle database_server 10.2.0.5 cpe:2.3:a:oracle:database_server:10.2.0.5:*:*:*:*:*:*:*
oracle developer_suite 6i cpe:2.3:a:oracle:developer_suite:6i:*:*:*:*:*:*:*
oracle developer_suite 9.0.4.2 cpe:2.3:a:oracle:developer_suite:9.0.4.2:*:*:*:*:*:*:*
oracle e-business_suite 11.0 cpe:2.3:a:oracle:e-business_suite:11.0:*:*:*:*:*:*:*
oracle e-business_suite 11.5.1 cpe:2.3:a:oracle:e-business_suite:11.5.1:*:*:*:*:*:*:*
oracle e-business_suite 11.5.10 cpe:2.3:a:oracle:e-business_suite:11.5.10:*:*:*:*:*:*:*
oracle e-business_suite 11.5.10.1 cpe:2.3:a:oracle:e-business_suite:11.5.10.1:*:*:*:*:*:*:*
oracle e-business_suite 11.5.10.2 cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
oracle enterprise_manager_grid_control 10.1.0.3 cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.3:*:*:*:*:*:*:*
oracle enterprise_manager_grid_control 10.1.0.4 cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.4:*:*:*:*:*:*:*
oracle enterprise_manager_grid_control 10.2.0.1 cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.1:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_tools 8.46 cpe:2.3:a:oracle:peoplesoft_enterprise_tools:8.46:ga:*:*:*:*:*:*
oracle peoplesoft_enterprise_tools 8.46.12 cpe:2.3:a:oracle:peoplesoft_enterprise_tools:8.46.12:*:*:*:*:*:*:*
oracle peoplesoft_enterprise_tools 8.47 cpe:2.3:a:oracle:peoplesoft_enterprise_tools:8.47:ga:*:*:*:*:*:*
oracle peoplesoft_enterprise_tools 8.47.04 cpe:2.3:a:oracle:peoplesoft_enterprise_tools:8.47.04:*:*:*:*:*:*:*
oracle pharmaceutical 4.5.0 cpe:2.3:a:oracle:pharmaceutical:4.5.0:*:*:*:*:*:*:*
oracle pharmaceutical 4.5.1 cpe:2.3:a:oracle:pharmaceutical:4.5.1:*:*:*:*:*:*:*
oracle pharmaceutical 4.5.2 cpe:2.3:a:oracle:pharmaceutical:4.5.2:*:*:*:*:*:*:*
oracle workflow 11.5.1 cpe:2.3:a:oracle:workflow:11.5.1:*:*:*:*:*:*:*
oracle workflow 11.5.9.5 cpe:2.3:a:oracle:workflow:11.5.9.5:*:*:*:*:*:*:*

References for CVE-2006-1884

cvelogic Threat Intelligence