Vulnerability Name: CVE-2012-3184 (CCN-79308) Assigned: 2012-10-16 Published: 2012-10-16 Updated: 2013-10-11 Summary: Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote attackers to affect integrity via unknown vectors related to Advanced UI. CVSS v3 Severity: 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): LowAvailibility (A): None
CVSS v2 Severity: 4.3 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAuthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N 3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N/E:H/RL:OF/RC:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): MediumAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): PartialAvailibility (A): None
Vulnerability Type: CWE-noinfo Vulnerability Consequences: Gain Access References: Source: MITRECVE-2012-3184 Oracle WebCenter Sites Multiple Vulnerabilities MDVSA-2013:150 Oracle Critical Patch Update Advisory - October 2012 http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html Oracle WebCenter Sites CVE-2012-3184 Remote Security Vulnerability Oracle Java SE CVE-2012-5082 Remote Security Vulnerability imagingandprocessmanagement-ui-xss(79308) Vulnerable Configuration: Configuration 1 :cpe:/a:oracle:fusion_middleware:6.0:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.5:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0.3:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.5:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.1:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:7.0:*:*:*:*:*:*:* OR cpe:/a:oracle:fusion_middleware:6.0:*:*:*:*:*:*:* BACK
oracle fusion middleware 6.0
oracle fusion middleware 6.1
oracle fusion middleware 6.2
oracle fusion middleware 6.3
oracle fusion middleware 7.0
oracle fusion middleware 7.0.1
oracle fusion middleware 7.0.2
oracle fusion middleware 7.0.3
oracle fusion middleware 7.5
oracle fusion middleware 7.6.1
oracle fusion middleware 7.6.2
oracle fusion middleware 11.1.1.6.0
oracle fusion middleware 11.1.1.6.0
oracle fusion middleware 6.1
oracle fusion middleware 6.2
oracle fusion middleware 6.3
oracle fusion middleware 7.0.1
oracle fusion middleware 7.0.2
oracle fusion middleware 7.0.3
oracle fusion middleware 7.5
oracle fusion middleware 7.6.1
oracle fusion middleware 7.6.2
oracle fusion middleware 7.0
oracle fusion middleware 6.0
Denotes that component is vulnerable