Vulnerability Name:

CVE-2013-5856 (CCN-87953)

Assigned:2013-10-15
Published:2013-10-15
Updated:2013-10-31
Summary:Unspecified vulnerability in the Oracle Health Sciences InForm component in Oracle Industry Applications 4.5 SP3, 4.5 SP3a-k, 4.6 SP0, 4.6 SP0a-c, 4.6 SP1, 4.6 SP1a-c, 4.6 SP2, 4.6 SP2a-c, 5.0 SP0, 5.0 SP0a, 5.0 SP1, 5.0 SP1a-b, 5.5 SP0, 5.5 SP0b, 5.5.1, and 6.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Web.
CVSS v3 Severity:3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:3.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N)
2.6 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
3.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N)
2.6 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:S/C:P/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Unknown
References:Source: MITRE
Type: CNA
CVE-2013-5856

Source: OSVDB
Type: UNKNOWN
98493

Source: CCN
Type: Oracle Web site
Oracle Critical Patch Update - October 2013

Source: CONFIRM
Type: Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html

Source: CCN
Type: OSVDB ID: 98493
Oracle Health Sciences InForm Web Subcomponent Unspecified Remote Issue (2013-5856)

Source: BID
Type: UNKNOWN
63099

Source: CCN
Type: BID-63099
Oracle Industry Applications CVE-2013-5856 Remote Security Vulnerability

Source: XF
Type: UNKNOWN
oracle-cpuoct2013-cve20135856(87953)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:oracle:industry_applications:4.5:sp3:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3d:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3e:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3f:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3g:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3h:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3i:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3j:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3k:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp0:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp0a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp1a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp1b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.5:sp0:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.5:sp0b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:6.0.0:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:oracle:industry_applications:5.5:sp0:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.5:sp0b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:6.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp0:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp0a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp1:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp1a:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3d:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3e:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3f:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3g:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3h:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3i:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3j:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.5:sp3k:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp0c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp1c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2b:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:4.6:sp2c:*:*:*:*:*:*
  • OR cpe:/a:oracle:industry_applications:5.0:sp1b:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    oracle industry applications 4.5 sp3
    oracle industry applications 4.5 sp3a
    oracle industry applications 4.5 sp3b
    oracle industry applications 4.5 sp3c
    oracle industry applications 4.5 sp3d
    oracle industry applications 4.5 sp3e
    oracle industry applications 4.5 sp3f
    oracle industry applications 4.5 sp3g
    oracle industry applications 4.5 sp3h
    oracle industry applications 4.5 sp3i
    oracle industry applications 4.5 sp3j
    oracle industry applications 4.5 sp3k
    oracle industry applications 4.6 sp0
    oracle industry applications 4.6 sp0a
    oracle industry applications 4.6 sp0b
    oracle industry applications 4.6 sp0c
    oracle industry applications 4.6 sp1
    oracle industry applications 4.6 sp1a
    oracle industry applications 4.6 sp1b
    oracle industry applications 4.6 sp1c
    oracle industry applications 4.6 sp2
    oracle industry applications 4.6 sp2a
    oracle industry applications 4.6 sp2b
    oracle industry applications 4.6 sp2c
    oracle industry applications 5.0 sp0
    oracle industry applications 5.0 sp0a
    oracle industry applications 5.0 sp1
    oracle industry applications 5.0 sp1a
    oracle industry applications 5.0 sp1b
    oracle industry applications 5.5 sp0
    oracle industry applications 5.5 sp0b
    oracle industry applications 5.5.1
    oracle industry applications 6.0.0
    oracle industry applications 5.5 sp0
    oracle industry applications 5.5 sp0b
    oracle industry applications 5.5.1
    oracle industry applications 6.0.0
    oracle industry applications 4.5 sp3
    oracle industry applications 4.5 sp3a
    oracle industry applications 4.6 sp0
    oracle industry applications 4.6 sp0a
    oracle industry applications 4.6 sp1
    oracle industry applications 4.6 sp1a
    oracle industry applications 4.6 sp2
    oracle industry applications 4.6 sp2a
    oracle industry applications 5.0 sp0
    oracle industry applications 5.0 sp0a
    oracle industry applications 5.0 sp1
    oracle industry applications 5.0 sp1a
    oracle industry applications 4.5 sp3b
    oracle industry applications 4.5 sp3c
    oracle industry applications 4.5 sp3d
    oracle industry applications 4.5 sp3e
    oracle industry applications 4.5 sp3f
    oracle industry applications 4.5 sp3g
    oracle industry applications 4.5 sp3h
    oracle industry applications 4.5 sp3i
    oracle industry applications 4.5 sp3j
    oracle industry applications 4.5 sp3k
    oracle industry applications 4.6 sp0b
    oracle industry applications 4.6 sp0c
    oracle industry applications 4.6 sp1b
    oracle industry applications 4.6 sp1c
    oracle industry applications 4.6 sp2b
    oracle industry applications 4.6 sp2c
    oracle industry applications 5.0 sp1b