ID CVE-2012-1737
Summary Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB 12.1.0.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Performance Advisories/UIs.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.2:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 54569
confirm http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
mandriva MDVSA-2013:150
osvdb 83945
sectrack 1027260
suse SUSE-SU-2012:1020
xf emgcl-dbp-cve20121737(77014)
Last major update 29-08-2017 - 01:31
Published 17-07-2012 - 22:55
Last modified 29-08-2017 - 01:31
Back to Top