CVE-2015-2647

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:N
oracleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
oracleenterprise_manager_plugin_for_database_control
12.1.0.5
oracleenterprise_manager_plugin_for_database_control
12.1.0.6
oracleenterprise_manager_plugin_for_database_control
12.1.0.7
oracleenterprise_manager_database_control
11.1.0.7
oracleenterprise_manager_database_control
11.2.0.3
oracleenterprise_manager_database_control
11.2.0.4
oracleenterprise_manager_grid_control
11.1.0.1
𝑥
= Vulnerable software versions
References
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.securitytracker.com/id/1032918
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.securitytracker.com/id/1032918