ID CVE-2015-2646
Summary Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.7:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 28-12-2016 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
confirm http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
sectrack 1032918
suse SUSE-SU-2015:1353
Last major update 28-12-2016 - 02:59
Published 16-07-2015 - 11:00
Last modified 28-12-2016 - 02:59
Back to Top