Vulnerability Details : CVE-2012-1737
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB 12.1.0.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Performance Advisories/UIs.
Products affected by CVE-2012-1737
- cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.1:*:*:*:*:*:*:*
Threat overview for CVE-2012-1737
Top countries where our scanners detected CVE-2012-1737
Top open port discovered on systems with this issue
1521
IPs affected by CVE-2012-1737 17,272
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2012-1737!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2012-1737
1.20%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2012-1737
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST |
References for CVE-2012-1737
-
http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00018.html
[security-announce] SUSE-SU-2012:1020-1: important: Security update for
-
http://www.securitytracker.com/id?1027260
Oracle Database Bugs Let Remote Users Partially Access and Modify Data and Deny Service - SecurityTracker
-
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html
Oracle Critical Patch Update - July 2012Vendor Advisory
-
http://www.securityfocus.com/bid/54569
Oracle Enterprise Manager for Oracle Database CVE-2012-1737 Multiple SQL Injection Vulnerabilities
-
http://osvdb.org/83945
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150
mandriva.com
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/77014
Oracle Enterprise Manager Grid Control Enterprise Manager for Database DB Performance Advisories UIs unspecified CVE-2012-1737 Vulnerability Report
Jump to