CVE-2012-1743

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround.

CVSS v2.0 2.8 LOW

2.8^/10

CVSS v2.0 : LOW

V2 Legend

Vector : AV:N/AC:M/Au:M/C:P/I:N/A:N

Exploitability : 5.5 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication MULTIPLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	Vendor Advisory
http://www.securityfocus.com/bid/54563
http://www.securitytracker.com/id?1027266
http://osvdb.org/83972
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
https://exchange.xforce.ibmcloud.com/vulnerabilities/77040

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:industry_applications:4.6.0:::::::*
	cpe:2.3:a:oracle:industry_applications:4.6.2:::::::*
	cpe:2.3:a:oracle:industry_applications:4.6.3:::::::*

Information

Published : 2012-07-17 15:55

Updated : 2017-08-28 18:31

NVD link : CVE-2012-1743

Mitre link : CVE-2012-1743

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

industry_applications

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/54563", "name": "54563", "tags": [], "refsource": "BID"}, {"url": "http://www.securitytracker.com/id?1027266", "name": "1027266", "tags": [], "refsource": "SECTRACK"}, {"url": "http://osvdb.org/83972", "name": "83972", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "name": "MDVSA-2013:150", "tags": [], "refsource": "MANDRIVA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77040", "name": "clinicalremote-html-info-disc(77040)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2012-1743", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:M/C:P/I:N/A:N", "authentication": "MULTIPLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 5.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2012-07-17T22:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:industry_applications:4.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:industry_applications:4.6.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:industry_applications:4.6.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:31Z"}

2.8 /10