ID CVE-2015-4798
Summary Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Listener, a different vulnerability than CVE-2015-4839. Per <a href=http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html>LINK</a>: The CVSS score is 10.0 for the Windows platform. The CVSS score is 7.5 (Confidentiality, Integrity and Availability is "Partial+") for Linux, Unix and other platforms.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:e-business_suite:11.5.10.2:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 24-12-2016 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 77250
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
sectrack 1033877
Last major update 24-12-2016 - 02:59
Published 21-10-2015 - 21:59
Back to Top