CVE-2013-3758

Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management.

CVSS v2.0 4.3 MEDIUM

4.3^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://osvdb.org/95278
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
http://www.securityfocus.com/bid/61205
http://www.securitytracker.com/id/1028795
https://exchange.xforce.ibmcloud.com/vulnerabilities/85665

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:::::::*
	cpe:2.3:a:oracle:enterprise_manager:11.1.0.1:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:::::::*
	cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:::::::*
	cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:::::::*
	cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.3:::::::*

History

No history.

Information

Published : 2013-07-17 13:41

Updated : 2023-12-10 11:16

NVD link : CVE-2013-3758

Mitre link : CVE-2013-3758

CVE.ORG link : CVE-2013-3758

JSON object : View

Products Affected

oracle

enterprise_manager
enterprise_manager_plugin_for_database_control
enterprise_manager_database_control

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-3758", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-17T13:41:16.640", "references": [{"url": "http://osvdb.org/95278", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/61205", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1028795", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85665", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Enterprise Manager (EM) Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to Schema Management."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el Enterprise Manager (EM) Base Platform v10.2.0.5 y v11.1.0.1; EM DB Control v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3; y EM Plugin para DB v12.1.0.2 y v12.1.0.3 en Oracle Enterprise Manager Grid Control permite a atacantes remotos afectar la integridad mediante vectores relacionados con Schema Management."}], "lastModified": "2017-08-29T01:33:26.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D2BD533A-352B-4DD2-855B-ADFC30D71550"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager:11.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "854FF546-BF83-4997-ACFE-29FA0283CFEB"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D247515C-4850-4F98-AC50-7B65EF952F3D"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:10.2.0.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18F946F6-5D8C-4A77-B9C7-A0C35B7874B6"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0D7A293E-1C18-4533-8F66-FF87663570B4"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "122C6CB9-E0E8-45DC-B0C5-A9AAE7D3E889"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B61406E-4EF7-4366-A48E-11329F469147"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCC2E4CE-9698-4A1B-B93B-3DE2C026911A"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A315B606-DCB5-4C37-A7ED-15027445B8AD"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}