| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 4.9 | $0-$5k | 0.00 |
Summary
A vulnerability, which was classified as problematic, has been found in Oracle Communications Unified 7. Affected by this vulnerability is an unknown functionality of the component Calendar Server. Performing a manipulation results in an unknown weakness. This vulnerability is identified as CVE-2011-3574. The attack is only possible with local access. There is not any exploit available. Applying a patch is the recommended action to fix this issue.
Details
A vulnerability was found in Oracle Communications Unified 7 (Cloud Software). It has been classified as problematic. This affects an unknown functionality of the component Calendar Server. This is going to have an impact on confidentiality, and integrity. The summary by CVE is:
Unspecified vulnerability in Oracle Communications Unified 7.0 allows local users to affect confidentiality and integrity via unknown vectors related to Calendar Server.
The weakness was released 01/17/2012 with Oracle (Website). The advisory is shared at oracle.com. This vulnerability is uniquely identified as CVE-2011-3574 since 09/16/2011. An attack has to be approached locally. No form of authentication is needed for exploitation. Neither technical details nor an exploit are publicly available.
Applying a patch is able to eliminate this problem. The bugfix is ready for download at oracle.com. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (72505), SecurityFocus (BID 51489†) and Vulnerability Center (SBV-34293†). Entries connected to this vulnerability are available at VDB-4564, VDB-4560, VDB-4566 and VDB-4559. If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Product
Type
Vendor
Name
Version
License
Website
- Vendor: https://www.oracle.com
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.1VulDB Meta Temp Score: 4.9
VulDB Base Score: 5.1
VulDB Temp Score: 4.9
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: UnknownCWE: Unknown
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: oracle.com
Timeline
09/16/2011 🔍01/17/2012 🔍
01/17/2012 🔍
01/17/2012 🔍
01/18/2012 🔍
01/18/2012 🔍
01/22/2012 🔍
04/19/2012 🔍
04/19/2017 🔍
Sources
Vendor: oracle.comAdvisory: oracle.com
Organization: Oracle
Status: Not defined
Confirmation: 🔍
CVE: CVE-2011-3574 (🔍)
GCVE (CVE): GCVE-0-2011-3574
GCVE (VulDB): GCVE-100-5181
X-Force: 72505
SecurityFocus: 51489 - Oracle Communications Unified CVE-2011-3574 Local Oracle Communications Unified Vulnerability
Vulnerability Center: 34293 - [cpujan2012-366304] Oracle Communications Unified 7.0 Calendar Server Unspecified Local Vulnerability (CVE-2011-3574), Low
See also: 🔍
Entry
Created: 04/19/2012 21:00Updated: 04/19/2017 10:29
Changes: 04/19/2012 21:00 (55), 04/19/2017 10:29 (9)
Complete: 🔍
Cache ID: 216::103
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
No comments yet. Languages: en.
Please log in to comment.