CVE-2010-0860

2010-04-1322:30:00

[email protected]

web.nvd.nist.gov

cve-2010-0860

oracle database

vulnerability

remote authentication

confidentiality

integrity

availability

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:C/I:C/A:C

5.6 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.1%

JSON

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege.

Affected configurations

NVD

Node

oracledatabase_serverMatch9.2.0.8

oracledatabase_serverMatch9.2.0.8dv

oracledatabase_serverMatch10.1.0.5

oracledatabase_serverMatch10.2.0.4

oracledatabase_serverMatch11.1.0.7

CPENameOperatorVersion
oracle:database_serveroracle database servereq9.2.0.8
oracle:database_serveroracle database servereq9.2.0.8dv
oracle:database_serveroracle database servereq10.1.0.5
oracle:database_serveroracle database servereq10.2.0.4
oracle:database_serveroracle database servereq11.1.0.7

CPE	Name	Operator	Version
oracle:database_server	oracle database server	eq	9.2.0.8
oracle:database_server	oracle database server	eq	9.2.0.8dv
oracle:database_server	oracle database server	eq	10.1.0.5
oracle:database_server	oracle database server	eq	10.2.0.4
oracle:database_server	oracle database server	eq	11.1.0.7