| ID |
CVE-2014-2408
|
| Summary |
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege." |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*
-
cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.6 (as of 16-04-2014 - 17:56) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
HIGH |
SINGLE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:H/Au:S/C:C/I:C/A:N
|
| refmap
via4
|
|
| Last major update |
16-04-2014 - 17:56 |
| Published |
16-04-2014 - 01:55 |
| Last modified |
16-04-2014 - 17:56 |
