Vulnerability Details : CVE-2013-3791
Unspecified vulnerability in Enterprise Manager (EM) Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework.
Products affected by CVE-2013-3791
- cpe:2.3:a:oracle:enterprise_manager:10.2.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_grid_control:*:*:*:*:*:*:*:*
Threat overview for CVE-2013-3791
Top countries where our scanners detected CVE-2013-3791
Top open port discovered on systems with this issue
21
IPs affected by CVE-2013-3791 2
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2013-3791!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2013-3791
0.53%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 77 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-3791
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
References for CVE-2013-3791
-
http://www.securityfocus.com/bid/61213
Oracle Enterprise Manager Base Platform CVE-2013-3791 Remote Security Vulnerability
-
http://www.securitytracker.com/id/1028795
Oracle Enterprise Manager Bugs Let Remote Users Partially Modify Data - SecurityTracker
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/85666
Oracle Enterprise Manager Grid Control User Interface Framework unspecified CVE-2013-3791 Vulnerability Report
-
http://jvn.jp/en/jp/JVN26103805/index.html
JVN#26103805: Oracle Enterprise Manager vulnerable to cross-site scripting
-
http://jvndb.jvn.jp/jvndb/JVNDB-2013-003391
JVNDB-2013-003391 - JVN iPedia - 脆弱性対策情報データベース
-
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
Oracle Critical Patch Update - July 2013Vendor Advisory
Jump to