Lucene search

K
cnvdChina National Vulnerability DatabaseCNVD-2021-102412
HistoryOct 20, 2021 - 12:00 a.m.

Oracle HTTP Server Unauthorized Access Vulnerability (CNVD-2021-102412)

2021-10-2000:00:00
China National Vulnerability Database
www.cnvd.org.cn
7

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Oracle HTTP Server is a web server component of Oracle Fusion Middleware. an unauthorized access vulnerability exists in the Web Listener component of Oracle HTTP Server version 11.1.1.9.0. A successful attack could result in unauthorized update, insert, or delete access to certain Oracle HTTP Server-accessible data.

CPENameOperatorVersion
Oracle Oracle HTTP Server 11.1.eq1.9.0

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

Related for CNVD-2021-102412