CVE-2013-3830

Unspecified vulnerability in the Hyperion Strategic Finance component in Oracle Hyperion 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server.

CVSS v2.0 7.1 HIGH

7.1^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:H/Au:S/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://osvdb.org/102113
http://secunia.com/advisories/56470
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html	Vendor Advisory
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/64821

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.1:::::::*
	cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.2:::::::*

History

No history.

Information

Published : 2014-01-15 16:11

Updated : 2024-02-28 12:00

NVD link : CVE-2013-3830

Mitre link : CVE-2013-3830

CVE.ORG link : CVE-2013-3830

JSON object : View

Products Affected

oracle

hyperion_interactive_reporting

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-3830", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.1, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-01-15T16:11:04.613", "references": [{"url": "http://osvdb.org/102113", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/56470", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/64758", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/64821", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Hyperion Strategic Finance component in Oracle Hyperion 11.1.2.1 and 11.1.2.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Hyperion Strategic Finance de Oracle Hyperion 11.1.2.1 y 11.1.2.2 permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Server."}], "lastModified": "2014-01-28T04:54:09.653", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C78DD13A-B296-454C-A2E2-E4F90B85609D"}, {"criteria": "cpe:2.3:a:oracle:hyperion_interactive_reporting:11.1.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D88A52E1-FBED-47FC-A05A-C9CABA13F3DF"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}