CVE-2013-3791

Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html	Vendor Advisory
http://osvdb.org/95279
http://www.securitytracker.com/id/1028795
http://www.securityfocus.com/bid/61213
http://jvn.jp/en/jp/JVN26103805/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391
https://exchange.xforce.ibmcloud.com/vulnerabilities/85666

Advertisement

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:oracle:enterprise_manager_grid_control::::::::
	cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:::::::*

Information

Published : 2013-07-17 06:41

Updated : 2017-08-28 18:33

NVD link : CVE-2013-3791

Mitre link : CVE-2013-3791

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

oracle

enterprise_manager
enterprise_manager_database_control
enterprise_manager_grid_control

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://osvdb.org/95279", "name": "95279", "tags": [], "refsource": "OSVDB"}, {"url": "http://www.securitytracker.com/id/1028795", "name": "1028795", "tags": [], "refsource": "SECTRACK"}, {"url": "http://www.securityfocus.com/bid/61213", "name": "61213", "tags": [], "refsource": "BID"}, {"url": "http://jvn.jp/en/jp/JVN26103805/index.html", "name": "JVN#26103805", "tags": [], "refsource": "JVN"}, {"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391", "name": "JVNDB-2013-003391", "tags": [], "refsource": "JVNDB"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85666", "name": "oracle-cpujuly2013-cve20133791(85666)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-3791", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-07-17T13:41Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_grid_control:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:33Z"}