ID CVE-2010-2390
Summary Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:10.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:10.1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:10.1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:fusion_middleware:10.1.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:fusion_middleware:10.1.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:*:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_grid_control:*:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 11-11-2010 - 06:48)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
cert TA10-287A
confirm http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
Last major update 11-11-2010 - 06:48
Published 14-10-2010 - 00:00
Last modified 11-11-2010 - 06:48
Back to Top