CVE-2015-0396

Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Admin Console.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/62480
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/72121
http://www.securitytracker.com/id/1031570
https://exchange.xforce.ibmcloud.com/vulnerabilities/100073

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:fusion_middleware:3.0.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:3.1.2:::::::*

History

No history.

Information

Published : 2015-01-21 18:59

Updated : 2023-12-10 11:31

NVD link : CVE-2015-0396

Mitre link : CVE-2015-0396

CVE.ORG link : CVE-2015-0396

JSON object : View

Products Affected

oracle

fusion_middleware

CWE

NVD-CWE-noinfo

{"id": "CVE-2015-0396", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-01-21T18:59:39.637", "references": [{"url": "http://secunia.com/advisories/62480", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/72121", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1031570", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100073", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.0.1 and 3.1.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Admin Console."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle GlassFish Server en Oracle Fusion Middleware 3.0.1 y 3.1.2 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Admin Console."}], "lastModified": "2017-09-08T01:29:42.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:3.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6D8ECF3-446C-4698-8A0D-77983E5C8C73"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41E6A1C1-BDF6-4C1C-A089-E6537E3D576C"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}