| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic has been found in Oracle Audit Vault 10.x. The affected element is the function av.action of the component av. The manipulation leads to an unknown weakness.
This vulnerability is documented as CVE-2010-4449. There is not any exploit available.
It is recommended to apply restrictive firewalling.
Details
A vulnerability, which was classified as problematic, has been found in Oracle Audit Vault 10.x. This issue affects the function av.action of the component av. Impacted is confidentiality, and integrity. The summary by CVE is:
Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue is related to a crafted parameter in an action.execute request to the av component on TCP port 5700.
The weakness was released 01/19/2011 by Maksymilian Arciemowicz (BSDaemon) with ZDI (Website). The advisory is shared at oracle.com. The identification of this vulnerability is CVE-2010-4449 since 12/06/2010. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. Technical details are known, but no exploit is available.
It is declared as proof-of-concept.
Addressing this vulnerability is possible by firewalling tcp/5700. A possible mitigation has been published even before and not after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 10669.
The vulnerability is also documented in the databases at X-Force (64762), SecurityFocus (BID 45844†), OSVDB (70583†), Secunia (SA42919†) and SecurityTracker (ID 1024973†). zerodayinitiative.com is providing further details. Entries connected to this vulnerability are available at VDB-4242, VDB-4244, VDB-4245 and VDB-4246. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Product
Vendor
Name
Version
License
Website
- Vendor: https://www.oracle.com
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 6.5VulDB Meta Temp Score: 5.7
VulDB Base Score: 6.5
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: UnknownCWE: Unknown
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Proof-of-Concept
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: FirewallStatus: 🔍
0-Day Time: 🔍
Firewalling: 🔍
TippingPoint: 🔍
Timeline
12/06/2010 🔍01/18/2011 🔍
01/18/2011 🔍
01/18/2011 🔍
01/18/2011 🔍
01/19/2011 🔍
01/19/2011 🔍
01/19/2011 🔍
01/22/2011 🔍
02/14/2011 🔍
03/13/2017 🔍
Sources
Vendor: oracle.comAdvisory: oracle.com
Researcher: Maksymilian Arciemowicz (BSDaemon)
Organization: ZDI
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2010-4449 (🔍)
GCVE (CVE): GCVE-0-2010-4449
GCVE (VulDB): GCVE-100-4241
X-Force: 64762 - Oracle Audit Vault av code execution, High Risk
SecurityFocus: 45844 - Oracle Audit Vault CVE-2010-4449 Remote Code Execution Vulnerability
Secunia: 42919 - Oracle Audit Vault av.action Insufficient Parameter Validation Vulnerability, Moderately Critical
OSVDB: 70583 - Oracle Audit Vault av Component action.execute Crafted Parameter Remote Code Execution
SecurityTracker: 1024973 - Oracle Audit Vault Lets Remote Users Gain Full Control
Vulnerability Center: 29230 - [cpujan2011-194091] Oracle Audit Vault 10.2.3.2 HTTP Remote Unspecified Vulnerability, Critical
Vupen: ADV-2011-0141
Misc.: 🔍
See also: 🔍
Entry
Created: 02/14/2011 10:15Updated: 03/13/2017 12:27
Changes: 02/14/2011 10:15 (82), 03/13/2017 12:27 (8)
Complete: 🔍
Cache ID: 216::103
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
No comments yet. Languages: en.
Please log in to comment.