Vulnerability Details : CVE-2015-2646
Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management.
Products affected by CVE-2015-2646
- cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_database_control:11.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_database_control:11.2.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_grid_control:11.1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:enterprise_manager_plugin_for_database_control:12.1.0.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-2646
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 60 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-2646
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:P/A:N |
8.6
|
2.9
|
NIST |
References for CVE-2015-2646
-
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html
[security-announce] SUSE-SU-2015:1353-1: important: Security update for
-
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Oracle Critical Patch Update - July 2015Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1032918
Oracle Enterprise Manager Grid Control Flaws Let Remote Users Partially Access and Modify Data - SecurityTracker
Jump to