Vulnerability Details : CVE-2015-2654
Unspecified vulnerability in the Data Store component in Oracle Berkeley DB 11.2.5.1.29, 11.2.5.2.42, 11.2.5.3.28, and 12.1.6.0.35 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2583, CVE-2015-2624, CVE-2015-2626, CVE-2015-2640, CVE-2015-2656, CVE-2015-4754, CVE-2015-4764, CVE-2015-4775, CVE-2015-4776, CVE-2015-4777, CVE-2015-4778, CVE-2015-4780, CVE-2015-4781, CVE-2015-4782, CVE-2015-4783, CVE-2015-4784, CVE-2015-4785, CVE-2015-4786, CVE-2015-4787, CVE-2015-4789, and CVE-2015-4790.
Exploit prediction scoring system (EPSS) score for CVE-2015-2654
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-2654
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
References for CVE-2015-2654
-
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Oracle Critical Patch Update - July 2015Patch;Vendor Advisory
Products affected by CVE-2015-2654
- cpe:2.3:a:oracle:berkeley_db:12.1.6.0.35:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:berkeley_db:11.2.5.2.42:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:berkeley_db:11.2.5.1.29:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:berkeley_db:11.2.5.3.28:*:*:*:*:*:*:*