CVE-2013-3826
Published Oct 16, 2013
Last updated 7 years ago
Overview
- Description
- Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.
- Source
- secalert_us@oracle.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Evaluator
- Comment
- Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html "Network encryption (native network encryption and SSL/TLS) and strong authentication services (Kerberos, PKI, and RADIUS) are no longer part of Oracle Advanced Security and are available in all licensed editions of all supported releases of the Oracle database. To remediate this security vulnerability, customers should configure network encryption in their clients and servers to protect sensitive data sent over untrusted networks. Refer to http://docs.oracle.com/cd/E11882_01/license.112/e47877/options.htm#CIHFDJDG - "Oracle Advanced Security section" of "Oracle Database Licensing Information 11g Release 2 (11.2)" for details of this licensing change."
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDEDE937-C3D7-421C-9F70-F546AB823E1D"
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3D7157D8-4959-4F6C-BFA0-D80862393AA4"
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "165A1F85-076B-4216-8EF8-D67E6EC63A6B"
},
{
"criteria": "cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A7D10EB-D98F-4B80-AB9F-D8A9FC813E1C"
}
],
"operator": "OR"
}
]
}
]