Oracle Enterprise Manager Cloud Control (Jan 2021 CPU)

The 13.3.0.0, 13.4.0.0, and 13.2.1.0 versions of Enterprise Manager Base Platform installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2021 CPU advisory. - Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager...

CVE-2020-2946

Vulnerability in the Application Performance Management product of Oracle Enterprise Manager component: EM Request Monitoring. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2961

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework Oracle OHS. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2020-2961

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Discovery Framework Oracle OHS. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Unspecified Vulnerability in Oracle Enterprise Manager Base Platform (CNVD-2020-28003)

Oracle Enterprise Manager is Oracle's on-premises deployment management platform that provides a single management platform for managing all customer Oracle deployments.Enterprise Manager Base Platform is the complete installer that includes OMS, agents, repositories, and management plug-ins. A...

CVE-2020-2646

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Command Line Interface. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2020-2642

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Connector Framework. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2643

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Job System. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

CVE-2020-2636

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Application Service Level Mgmt. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

CVE-2020-2630

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Extensibility Framework. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2637

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager component: Change Manager - web based. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access vi...

CVE-2020-2632

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: System Monitoring. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2628

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Host Management. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2623

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Metrics Framework. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...

CVE-2020-2626

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Cloud Control Manager - OMS. Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTT...

Code injection

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager component: Repository. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise...

CVE-2020-2614

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager component: APM Mesh. Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...

Oracle Enterprise Manager for Oracle Database Denial of Service Vulnerability (CNVD-2020-09951)

Oracle Enterprise Manager for Oracle Database is Oracle's on-premise management platform for Oracle Database. A security vulnerability exists in the Enterprise Config Management component in Oracle Enterprise Manager for Oracle Database 12.1.0.5, 13.2.0.0, 13.3.0.0. An attacker could exploit this...