CVE-2011-0836

Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC.

CVSS v2.0 3.5 LOW

3.5^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability : 6.8 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:enterpriseone_tools:8.9:::::::*
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:budle14::::::
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:bundle14::::::
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:bundle21::::::
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:bundle9::::::
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9.18:::::::*
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.98.1.4:::::::*
	cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.98.2.1:::::::*
	cpe:2.3:a:oracle:jd_edwards_enterpriseone_ep:8.9:::::::*
	cpe:2.3:a:oracle:oneworld_tools::::::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:::::::*
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle23::::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle37::::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle38::::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle41::::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:gp_2010-e::::::
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.98.4.1:::::::*
	cpe:2.3:a:oracle:peoplesoft_and_jdedwards_suite_scm:8.9:bundle37::::::

History

No history.

Information

Published : 2011-04-20 10:55

Updated : 2012-08-03 04:00

NVD link : CVE-2011-0836

Mitre link : CVE-2011-0836

CVE.ORG link : CVE-2011-0836

JSON object : View

Products Affected

oracle

oneworld_tools
enterpriseone_tools
jd_edwards_enterpriseone
peoplesoft_and_jdedwards_product_suite
peoplesoft_and_jdedwards_suite_scm
jd_edwards_enterpriseone_ep

CWE

NVD-CWE-noinfo

{"id": "CVE-2011-0836", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-04-20T10:55:01.713", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Tools 8.9 GA through 8.98.4.1 and OneWorld Tools through 24.1.3 allows remote authenticated users to affect integrity, related to Web Runtime SEC."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Oracle JD Edwards EnterpriseOne Tools 8.9 GA hasta la 8.98.4.1 y OneWorld Tools hasta la 24.1.3 permite a usuarios autenticados remotos vulnerar la integridad, relacionado con \"Web Runtime SEC\"."}], "lastModified": "2012-08-03T04:00:00.000", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:enterpriseone_tools:8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "78A56CBF-DD52-4EC9-942D-062A2D5D4BD5"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:budle14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2359221-692F-4226-B8BB-A045F4926DC8"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:bundle14:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42F9F31D-3074-4418-9566-5DB6C4367EF8"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:bundle21:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FA157884-D3C3-4866-BF66-AA10F93AF433"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9:bundle9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF51E618-EFF1-4978-8BFC-B845C8F664D8"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.9.18:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F2332EAE-75EE-415D-84A6-FE0A19D2C71B"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.98.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "768E4605-1871-435B-8FB6-DDFBD17355CA"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone:8.98.2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DB2A4D7-4E33-42DC-ABA1-7F0C035974ED"}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_ep:8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B73DAAFF-035F-4414-9A96-6A6862378FF0"}, {"criteria": "cpe:2.3:a:oracle:oneworld_tools:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE3F787C-209A-44A4-8637-2614AC4F4B0E", "versionEndIncluding": "24.1.3"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B402D231-6B6D-4AC6-ABE8-BD4A0D3E5D4B"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle23:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1A87B7C8-AD97-4AF1-A1B9-8B9D27D7B19D"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle37:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFF93D30-685A-45FA-A792-D4D3280F064D"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle38:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "153DA309-9ADA-44D2-A4B8-AAA2B0A5CDAB"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:bundle41:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1C51AFAB-4D6B-4A74-8EBF-4D246AFE3937"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.9:gp_2010-e:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E9C90A6C-A6C3-4AFD-901A-9BC3FCE47FD9"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_product_suite:8.98.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6FB06098-BD09-43CB-988A-AC2C03B6A0C8"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_and_jdedwards_suite_scm:8.9:bundle37:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEC26BC4-778F-42BE-926F-AE9FC7394278"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}