CVE-2013-3770 in Oracle Oracle WebCenter Contentinfo

Zusammenfassung (Englisch)

Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 10.1.3.5.1, 11.1.1.6.0, and 11.1.1.7.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Server. NOTE: the previous information is from the October 2013 CPU. Oracle has not commented on claims from a third party that the issue is related to "iDoc script injection" in the (1) cs and (2) urm components, which allows attackers to read "sensitive" files, as demonstrated by obtaining the "AES encryption key and encrypted credentials" of the weblogic user.

Reservieren

03.06.2013

Veröffentlichung

17.07.2013

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
9593	Oracle Oracle WebCenter Content Content Server schwache Verschlüsselung	311	Unbewiesen	Offizieller Fix	CVE-2013-3770

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!