CVE-2012-1743

Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround.

CVSS v2.0 2.8 LOW

2.8^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:M/C:P/I:N/A:N

Exploitability : 5.5 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication MULTIPLE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References

Link	Resource
http://osvdb.org/83972
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	Vendor Advisory
http://www.securityfocus.com/bid/54563
http://www.securitytracker.com/id?1027266
https://exchange.xforce.ibmcloud.com/vulnerabilities/77040

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:industry_applications:4.6.0:::::::*
	cpe:2.3:a:oracle:industry_applications:4.6.2:::::::*
	cpe:2.3:a:oracle:industry_applications:4.6.3:::::::*

History

No history.

Information

Published : 2012-07-17 22:55

Updated : 2024-02-28 12:00

NVD link : CVE-2012-1743

Mitre link : CVE-2012-1743

CVE.ORG link : CVE-2012-1743

JSON object : View

Products Affected

oracle

industry_applications

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-1743", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:M/C:P/I:N/A:N", "authentication": "MULTIPLE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 5.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-07-17T22:55:02.020", "references": [{"url": "http://osvdb.org/83972", "source": "secalert_us@oracle.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/54563", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1027266", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77040", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Clinical Remote Data Capture Option component in Oracle Industry Applications 4.6.0.x, 4.6.2, and 4.6.3 allows remote authenticated users to affect confidentiality, related to HTML Surround."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Clinical Remote Data Capture Option en Oracle Industry Applications v4.6.0.x, v4.6.2 y v4.6.3 permite a usuarios autenticados remotamente afectar a la confidencialidad, relacionada con HTML Surround."}], "lastModified": "2017-08-29T01:31:22.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:industry_applications:4.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DA06892-9985-41DC-A9A2-D7CC8D9016FA"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:4.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A82E8B4A-9BEC-42CC-BEED-30944EE0A160"}, {"criteria": "cpe:2.3:a:oracle:industry_applications:4.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "53CE3836-C2EF-455E-9686-D72C1108500E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}