CVE-2015-2647

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management.

CVSS v2.0 5.5 MEDIUM

5.5^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:N

Exploitability : 8.0 / Impact : 4.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	Patch Vendor Advisory
http://www.securitytracker.com/id/1032918
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	Patch Vendor Advisory
http://www.securitytracker.com/id/1032918

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.5:::::::*
	cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.6:::::::*
	cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.7:::::::*

Configuration 2 (hide)

OR	cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:::::::*

Configuration 3 (hide)

cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*

History

21 Nov 2024, 02:27

Type	Values Removed	Values Added
References	~~() http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html -
References	~~() http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html - Patch, Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html - Patch, Vendor Advisory
References	~~() http://www.securitytracker.com/id/1032918 -~~	() http://www.securitytracker.com/id/1032918 -

Information

Published : 2015-07-16 11:00

Updated : 2024-11-21 02:27

NVD link : CVE-2015-2647

Mitre link : CVE-2015-2647

CVE.ORG link : CVE-2015-2647

JSON object : View

Products Affected

oracle

enterprise_manager_database_control
enterprise_manager_plugin_for_database_control
enterprise_manager_grid_control

CWE

NVD-CWE-noinfo

5.5 /10