CVE-2013-3782

Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://osvdb.org/95320
http://secunia.com/advisories/54238
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html	Vendor Advisory
http://www.securityfocus.com/bid/61231
http://www.securitytracker.com/id/1028793
https://exchange.xforce.ibmcloud.com/vulnerabilities/85707

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:virtualization:4.6:::::::*
	cpe:2.3:a:oracle:virtualization:4.7:::::::*

History

No history.

Information

Published : 2013-07-17 13:41

Updated : 2017-08-29 01:33

NVD link : CVE-2013-3782

Mitre link : CVE-2013-3782

CVE.ORG link : CVE-2013-3782

JSON object : View

Products Affected

oracle

virtualization

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-3782", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-17T13:41:16.773", "references": [{"url": "http://osvdb.org/95320", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/54238", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/61231", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1028793", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85707", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Secure Global Desktop en Oracle Virtualization v4.6 anterior a v4.63 y v4.7 anterior a v4.71 permite a los usuarios remotos autenticados afectar a la integridad a trav\u00e9s de vectores desconocidos relacionados con Web UI."}], "lastModified": "2017-08-29T01:33:27.857", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:virtualization:4.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F4EB8B7-9984-42D3-847C-91FF753D159A"}, {"criteria": "cpe:2.3:a:oracle:virtualization:4.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4946E73A-27B2-4BF2-8372-65D81D42272E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}