CVE-2011-2299

Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP).

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html	Patch Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA11-201A.html	US Government Resource

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:xcp::::::::
	cpe:2.3:h:oracle:sparc_enterprise_m3000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m4000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m5000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m8000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m9000_server:-:::::::*

History

No history.

Information

Published : 2011-07-21 00:55

Updated : 2011-10-05 02:54

NVD link : CVE-2011-2299

Mitre link : CVE-2011-2299

CVE.ORG link : CVE-2011-2299

JSON object : View

Products Affected

oracle

sparc_enterprise_m8000_server
sparc_enterprise_m4000_server
sparc_enterprise_m3000_server
sparc_enterprise_m9000_server
sparc_enterprise_m5000_server
xcp

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-2299", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-07-21T00:55:02.223", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html", "tags": ["US Government Resource"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP)."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle SPARC Enterprise M3000, M4000, M5000, M8000, M9000 y XCP 1101 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad, en relaci\u00f3n con el paquete de control de XSCF (XCP)."}], "lastModified": "2011-10-05T02:54:56.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:xcp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "885CFFC2-ABF5-47F1-BE4D-28B6B8692536", "versionEndIncluding": "1100"}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m3000_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE985481-02B0-4813-9390-33BDD24257A1"}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m4000_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4449463C-0681-42F7-887B-719E3FA06DE2"}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m5000_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F96C3AEE-6D8F-445B-8F20-B02C93560C4E"}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m8000_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F528DC3-ADBB-4612-A8C0-A4B806E5BB44"}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m9000_server:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E0050034-1E95-4724-B359-87C56D0198C4"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}