Lucene search

[email protected]CVE-2010-3583

HistoryOct 14, 2010 - 6:00 p.m.

CVE-2010-3583

2010-10-1418:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

oraclevm

vulnerability

confidentiality

integrity

availability

oracle

oracle vm 2.2.1

cve-2010-3583

nvd

5.8 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.9%

JSON

Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to ovs-agent. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a third party researcher that this is related to the exposure of multiple unspecified functions through XML-RPC that allow execution of arbitrary OS commands.

CPENameOperatorVersion
oracle:vmoracle vmeq2.2.1

CPE	Name	Operator	Version
oracle:vm	oracle vm	eq	2.2.1

References

www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html

www.securityfocus.com/archive/1/514613/100/0/threaded

www.us-cert.gov/cas/techalerts/TA10-287A.html

5.8 Medium

AI Score

Confidence

Low

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.005 Low

EPSS

Percentile

75.9%

JSON

Related for CVE-2010-3583

securityvulns3 prion1 cvelist1 nessus1 oracle1