ID CVE-2015-4914
Summary Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 10.1.3.5, 11.1.1.7, 11.1.1.9, 12.1.2.0, and 12.1.3.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Web Listener.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:fusion_middleware:10.1.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:10.1.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:11.1.1.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:11.1.1.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:11.1.1.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:11.1.1.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:12.1.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:12.1.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:12.1.3.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:12.1.3.0:*:*:*:*:*:*:*
CVSS
Base: 3.5 (as of 24-12-2016 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:S/C:P/I:N/A:N
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
sectrack 1033907
Last major update 24-12-2016 - 02:59
Published 22-10-2015 - 00:00
Back to Top