10 matches found
CVE-2017-3234
The CVE-2017-3234 entry concerns Oracle's Automatic Service Request (ASR) component, specifically the ASR Manager, within Oracle Support Tools. Affected are versions prior to 5.7. The vulnerability allows an unauthenticated attacker with network access via SFT to compromise ASR, potentially leadi...
CVE-2017-3233
Vulnerability in Oracle Support Tools (ASR Manager) prior to 5.7 exposes ASR data to unauthenticated HTTP-access attackers. Impact: unauthorized create/delete/modify of ASR data. CVSS v3.0 base score 7.5 (I). Documented in NVD and CVE records; Oracle CP Update (APR 2017) references patches, but n...
CVE-2017-3505
CVE-2017-3505 affects the Oracle Automatic Service Request (ASR) Manager subcomponent of Oracle Support Tools, with affected versions prior to 5.7. The vulnerability enables an unauthenticated attacker who can log on to the infrastructure where ASR runs to compromise ASR, potentially allowing una...
CVE-2017-3618
Oracle CVE-2017-3618 affects the ASR Manager subcomponent of Oracle Automatic Service Request within Oracle Support Tools, with vulnerable versions prior to 5.7. The vulnerability allows a low-privilege user who can log onto the infrastructure hosting ASR to compromise ASR and gain unauthorized c...
CVE-2017-3232
The CVE-2017-3232 entry concerns Oracle’s Automatic Service Request (ASR) component, specifically the ASR Manager subcomponent of Oracle Support Tools. Affected versions are Prior to 5.7. The vulnerability is described as easily exploitable by a low-privilege user with logon to the infrastructure...
CVE-2017-3581
CVE-2017-3581 affects Oracle's Automatic Service Request (ASR) component, specifically ASR Manager, with affected versions prior to 5.7. The vulnerability is local in scope: a low-privilege user who can log on to the ASR infrastructure can compromise ASR, potentially leading to takeover of ASR. T...
CVE-2017-3620
Vulnerability CVE-2017-3620 affects Oracle Support Tools’ ASR Manager (Oracle ASR) prior to version 5.7. The flaw allows a local, low-privileged attacker with logon to the infrastructure where ASR runs to take over ASR, with impacts to confidentiality, integrity, and availability. CVSS v3.0 base ...
CVE-2017-3619
CVE-2017-3619 affects Oracle Support Tools ASR Manager (part of ASR) with impact prior to 5.7. A security vulnerability exists in ASR Manager that could allow a low-privilege, logon-enabled attacker to access data, compromising confidentiality. The CNVD/other sources indicate the affected version...
CVE-2017-3237
CVE-2017-3237 affects Oracle Automatic Service Request (ASR) within Oracle Support Tools, specifically the ASR Manager subcomponent. The vulnerability is a local, low-privilege exploitation surface that allows an attacker with logon to the infrastructure where ASR runs to compromise ASR, potentia...
CVE-2017-3504
CVE-2017-3504 affects Oracle's Automatic Service Request (ASR) Manager within Oracle Support Tools, with vulnerable versions prior to 5.7. The issue allows an unauthenticated attacker who can log on to the infrastructure running ASR to perform unauthorized updates, inserts, or deletions of ASR-ac...