CVE-2014-2408
Published Apr 16, 2014
Last updated 11 years ago
Overview
- Description
- Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to the "Grant Any Object Privilege."
- Source
- secalert_us@oracle.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.6
- Impact score
- 9.2
- Exploitability score
- 3.9
- Vector string
- AV:N/AC:H/Au:S/C:C/I:C/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EDEDE937-C3D7-421C-9F70-F546AB823E1D"
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "165A1F85-076B-4216-8EF8-D67E6EC63A6B"
},
{
"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C1E11A25-C7CE-49DF-99CA-352FD21B8230"
},
{
"criteria": "cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A7D10EB-D98F-4B80-AB9F-D8A9FC813E1C"
}
],
"operator": "OR"
}
]
}
]