CVE-2013-3816

Unspecified vulnerability in the Oracle Policy Automation component in Oracle Industry Applications 10.2.0, 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Determinations Engine.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://osvdb.org/95302
http://secunia.com/advisories/54234
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html	Vendor Advisory
http://www.securitytracker.com/id/1028797
https://exchange.xforce.ibmcloud.com/vulnerabilities/85689

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:industry_applications:10.2.0:::::::*
	cpe:2.3:a:oracle:industry_applications:10.3.0:::::::*
	cpe:2.3:a:oracle:industry_applications:10.3.1:::::::*
	cpe:2.3:a:oracle:industry_applications:10.4.0:::::::*
	cpe:2.3:a:oracle:industry_applications:10.4.1:::::::*
	cpe:2.3:a:oracle:industry_applications:10.4.2:::::::*

History

No history.

Information

Published : 2013-07-17 13:41

Updated : 2017-08-29 01:33

NVD link : CVE-2013-3816

Mitre link : CVE-2013-3816

CVE.ORG link : CVE-2013-3816

JSON object : View

Products Affected

oracle

industry_applications

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-3816", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-17T13:41:16.950", "references": [{"url": "http://osvdb.org/95302", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/54234", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1028797", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85689", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Policy Automation component in Oracle Industry Applications 10.2.0, 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Determinations Engine."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente Oracle Policy Automation en Oracle Industry Applications 10.2.0, 10.3.0, 10.3.1, 10.4.0, 10.4.1, and 10.4.2, permite a atacantes remotos comprometer la confidencialidad a trav\u00e9s de vectores no especificados relacionados con Determinations Engine."}], "lastModified": "2017-08-29T01:33:29.480", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:industry_applications:10.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3128B11F-744F-4902-9D26-228720857DB1"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:10.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9D6A48AF-017A-46C9-9763-55FAE71CC45C"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:10.3.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6F2DAED-3184-4838-98CE-2C3FDF5C6E60"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:10.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9FAB9F1-1E3C-4386-A8C7-98115F5CAC1D"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:10.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8165804F-C28B-4C96-A880-E41EA2E6FCB2"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:10.4.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0AC66C46-B3B0-4631-9D59-9FCBD8E8F370"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}