CVE-2011-2299 - OpenCVE

Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP).

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Sparc Enterprise M3000 Server Sparc Enterprise M4000 Server Sparc Enterprise M5000 Server Sparc Enterprise M8000 Server Sparc Enterprise M9000 Server Xcp

Configuration 1 [-]

OR	cpe:2.3:a:oracle:xcp::::::::
	cpe:2.3:h:oracle:sparc_enterprise_m3000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m4000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m5000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m8000_server:-:::::::*
	cpe:2.3:h:oracle:sparc_enterprise_m9000_server:-:::::::*

No data.

References

Link	Providers
http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html
http://www.us-cert.gov/cas/techalerts/TA11-201A.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2011-07-21T00:00:00

Updated: 2024-08-06T22:53:17.475Z

Reserved: 2011-06-02T00:00:00

Link: CVE-2011-2299

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-07-21T00:55:02.223

Modified: 2011-10-05T02:54:56.863

Link: CVE-2011-2299

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-07-19T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2011-10-05T09:00:00", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "TA11-201A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2011-2299", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA11-201A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:53:17.475Z"}, "title": "CVE Program Container", "references": [{"name": "TA11-201A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2011-2299", "datePublished": "2011-07-21T00:00:00", "dateReserved": "2011-06-02T00:00:00", "dateUpdated": "2024-08-06T22:53:17.475Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:xcp:*:*:*:*:*:*:*:*", "matchCriteriaId": "885CFFC2-ABF5-47F1-BE4D-28B6B8692536", "versionEndIncluding": "1100", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m3000_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "EE985481-02B0-4813-9390-33BDD24257A1", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m4000_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "4449463C-0681-42F7-887B-719E3FA06DE2", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m5000_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "F96C3AEE-6D8F-445B-8F20-B02C93560C4E", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m8000_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "3F528DC3-ADBB-4612-A8C0-A4B806E5BB44", "vulnerable": true}, {"criteria": "cpe:2.3:h:oracle:sparc_enterprise_m9000_server:-:*:*:*:*:*:*:*", "matchCriteriaId": "E0050034-1E95-4724-B359-87C56D0198C4", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle SPARC Enterprise M3000, M4000, M5000, M8000, and M9000 XCP 1101 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to XSCF Control Package (XCP)."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle SPARC Enterprise M3000, M4000, M5000, M8000, M9000 y XCP 1101 y anteriores permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad, en relaci\u00f3n con el paquete de control de XSCF (XCP)."}], "id": "CVE-2011-2299", "lastModified": "2011-10-05T02:54:56.863", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-07-21T00:55:02.223", "references": [{"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2011-313328.html"}, {"source": "secalert_us@oracle.com", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA11-201A.html"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}