Lucene search

[email protected]CVE-2009-1977

HistoryJul 14, 2009 - 11:30 p.m.

CVE-2009-1977

2009-07-1423:30:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2009-1977

oracle

secure backup

vulnerability

remote attackers

confidentiality

integrity

availability

bypass authentication

5.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.831 High

EPSS

Percentile

98.4%

JSON

Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the July 2009 Oracle CPU. Oracle has not commented on claims from an independent researcher that this vulnerability allows attackers to bypass authentication via unknown vectors involving the username parameter and login.php.

CPENameOperatorVersion
oracle:secure_backuporacle secure backupeq10.2.0.3

CPE	Name	Operator	Version
oracle:secure_backup	oracle secure backup	eq	10.2.0.3

References

osvdb.org/55903

secunia.com/advisories/35776

www.oracle.com/technetwork/topics/security/cpujul2009-091332.html

www.securityfocus.com/bid/35672

www.securitytracker.com/id?1022565

www.vupen.com/english/advisories/2009/1900

www.zerodayinitiative.com/advisories/ZDI-09-058/

exchange.xforce.ibmcloud.com/vulnerabilities/51761

5.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.831 High

EPSS

Percentile

98.4%

JSON

Related for CVE-2009-1977

prion1 nessus1 zdi1 checkpoint_advisories1 securityvulns3 packetstorm1 seebug1 exploitpack1 dsquare1 exploitdb1 oracle1