Lucene search

[email protected]CVE-2010-4449

HistoryJan 19, 2011 - 5:00 p.m.

CVE-2010-4449

2011-01-1917:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2010-4449

oracle audit vault

vulnerability

confidentiality

integrity

availability

nvd

security issue

tcp port 5700

5.9 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.08 Low

EPSS

Percentile

94.3%

JSON

Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue is related to a crafted parameter in an action.execute request to the av component on TCP port 5700.

CPENameOperatorVersion
oracle:audit_vaultoracle audit vaulteq10.2.3.2

CPE	Name	Operator	Version
oracle:audit_vault	oracle audit vault	eq	10.2.3.2

References

osvdb.org/70583

secunia.com/advisories/42919

www.oracle.com/technetwork/topics/security/cpujan2011-194091.html

www.securityfocus.com/bid/45844

www.securitytracker.com/id?1024973

www.vupen.com/english/advisories/2011/0141

www.zerodayinitiative.com/advisories/ZDI-11-017/

exchange.xforce.ibmcloud.com/vulnerabilities/64762

5.9 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.08 Low

EPSS

Percentile

94.3%

JSON

Related for CVE-2010-4449

zdi1 prion1 cvelist1 threatpost1 securityvulns1 oracle1