CVE-2011-3532

Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html	Vendor Advisory
http://www.securityfocus.com/bid/50227
http://www.securitytracker.com/id?1026205
https://exchange.xforce.ibmcloud.com/vulnerabilities/70805

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:supply_chain_products_suite:5.2.2:::::::*
	cpe:2.3:a:oracle:supply_chain_products_suite:6.0.0.2:::::::*
	cpe:2.3:a:oracle:supply_chain_products_suite:6.0.0.3:::::::*
	cpe:2.3:a:oracle:supply_chain_products_suite:6.0.0.4:::::::*

History

No history.

Information

Published : 2011-10-18 22:55

Updated : 2024-02-28 11:41

NVD link : CVE-2011-3532

Mitre link : CVE-2011-3532

CVE.ORG link : CVE-2011-3532

JSON object : View

Products Affected

oracle

supply_chain_products_suite

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-3532", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-10-18T22:55:04.277", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/50227", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1026205", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70805", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Agile Product Supplier Collaboration for Process component in Oracle Supply Chain Products Suite 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4 allows remote attackers to affect confidentiality via unknown vectors related to Supplier Portal."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Agile Product Supplier Collaboration for Process en Oracle Supply Chain Products Suite v5.2.2, v6.0.0.2, v6.0.0.3, and v6.0.0.4 permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con el Supplier Portal."}], "lastModified": "2017-08-29T01:30:14.240", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:5.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9996DB3E-1D81-4273-AF43-ED728CAADB03"}, {"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.0.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "81F5243A-0FC2-448F-A976-28D63203B0A3"}, {"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.0.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1EC99410-B170-4C2F-939A-F185CADF4483"}, {"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:6.0.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2D1E8A30-74E1-4749-9593-4881DD9B1B25"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}