CVE-2011-0822

Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:database_server:10.1.0.5:::::::*
	cpe:2.3:a:oracle:database_server:10.2.0.3:::::::*

Configuration 2 (hide)

cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.6:*:*:*:*:*:*:*

History

No history.

Information

Published : 2011-07-20 22:55

Updated : 2014-10-04 04:34

NVD link : CVE-2011-0822

Mitre link : CVE-2011-0822

CVE.ORG link : CVE-2011-0822

JSON object : View

Products Affected

oracle

enterprise_manager_grid_control
database_server

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-0822", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-07-20T22:55:01.173", "references": [{"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html", "tags": ["US Government Resource"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en los componentes Streams, AQ & Replication Mgmt de Oracle Database Server v10.1.0.5 y v10.2.0.3, y Oracle Enterprise Manager Grid Control v10.1.0.6, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos."}], "lastModified": "2014-10-04T04:34:35.210", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03A522A3-07D7-481F-A538-EA3D13256F63"}, {"criteria": "cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED41086B-840A-4B39-B249-461A4B00B57B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:enterprise_manager_grid_control:10.1.0.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76B2310D-3552-4B98-BA02-A3E126414AED"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}