CVE-2012-1737 : Unspecified vulnerability in the Enterprise Manager for Oracle Database componen

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2.0.5, EM Base Platform 11.1.0.1, EM Plugin for DB 12.1.0.1, and EM Plugin for DB 12.1.0.2, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to DB Performance Advisories/UIs.

Published 2012-07-17 22:55:02

Updated 2025-04-11 00:51:22

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2012-1737

Oracle » Database Server » Version: 11.1.0.7
cpe:2.3:a:oracle:database_server:11.1.0.7:*:*:*:*:*:*:*
Matching versions
Oracle » Database Server » Version: 11.2.0.2
cpe:2.3:a:oracle:database_server:11.2.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Database Server » Version: 11.2.0.3
cpe:2.3:a:oracle:database_server:11.2.0.3:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Manager Grid Control » Version: 10.2.0.5
cpe:2.3:a:oracle:enterprise_manager_grid_control:10.2.0.5:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Manager Grid Control » Version: 11.1.0.1
cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Manager Grid Control » Version: 12.1.0.2
cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.2:*:*:*:*:*:*:*
Matching versions
Oracle » Enterprise Manager Grid Control » Version: 12.1.0.1
cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.1:*:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2012-1737

Top countries where our scanners detected CVE-2012-1737

Top open port discovered on systems with this issue 1521

IPs affected by CVE-2012-1737 17,272

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2012-1737!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2012-1737

EPSS FAQ

1.20%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 77 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2012-1737

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.8	MEDIUM	AV:N/AC:M/Au:N/C:P/I:P/A:P	8.6	6.4	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2012-1737

http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00018.html

[security-announce] SUSE-SU-2012:1020-1: important: Security update for

CVEs referencing this url
http://www.securitytracker.com/id?1027260

Oracle Database Bugs Let Remote Users Partially Access and Modify Data and Deny Service - SecurityTracker

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html

Oracle Critical Patch Update - July 2012
Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/54569

Oracle Enterprise Manager for Oracle Database CVE-2012-1737 Multiple SQL Injection Vulnerabilities
http://osvdb.org/83945
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

mandriva.com

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/77014

Oracle Enterprise Manager Grid Control Enterprise Manager for Database DB Performance Advisories UIs unspecified CVE-2012-1737 Vulnerability Report

Jump to

Vulnerability Details : CVE-2012-1737

Products affected by CVE-2012-1737

Threat overview for CVE-2012-1737

Exploit prediction scoring system (EPSS) score for CVE-2012-1737

CVSS scores for CVE-2012-1737

References for CVE-2012-1737