CVE-2014-0391 - OpenCVE

Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Fusion Middleware

Configuration 1 [-]

OR	cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:::::::*
	cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.0:::::::*
	cpe:2.3:a:oracle:fusion_middleware:11.1.2.0:::::::*
	cpe:2.3:a:oracle:fusion_middleware:11.1.2.1.0:::::::*

No data.

References

Link	Providers
http://osvdb.org/102099
http://secunia.com/advisories/56459
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/64829
http://www.securitytracker.com/id/1029613

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2014-01-15T01:33:00

Updated: 2024-08-06T09:13:10.427Z

Reserved: 2013-12-12T00:00:00

Link: CVE-2014-0391

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-01-15T16:08:07.437

Modified: 2016-11-17T17:07:40.557

Link: CVE-2014-0391

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-01-30T23:57:02", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "64829", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/64829"}, {"name": "1029613", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029613"}, {"name": "64758", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/64758"}, {"name": "56459", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56459"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"name": "102099", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/102099"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2014-0391", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "64829", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64829"}, {"name": "1029613", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029613"}, {"name": "64758", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64758"}, {"name": "56459", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56459"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"name": "102099", "refsource": "OSVDB", "url": "http://osvdb.org/102099"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:13:10.427Z"}, "title": "CVE Program Container", "references": [{"name": "64829", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/64829"}, {"name": "1029613", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1029613"}, {"name": "64758", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/64758"}, {"name": "56459", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56459"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"name": "102099", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/102099"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2014-0391", "datePublished": "2014-01-15T01:33:00", "dateReserved": "2013-12-12T00:00:00", "dateUpdated": "2024-08-06T09:13:10.427Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:11.1.1.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "8EA2051D-4D42-49DE-BECA-E28C5EA0C030", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8934DB1-B2A1-4C3B-B000-78826FC45C7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:11.1.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "81E45EA8-13AA-4219-A108-00472932CF17", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:11.1.2.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "D5D8E14F-4F2F-40ED-8ACE-D92FC2CE937B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0, and 11.1.2.1 allows remote attackers to affect confidentiality via unknown vectors related to End User Self Service."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Identity Manager de Oracle Fusion Middleware 11.1.1.5, 11.1.1.7, 11.1.2.0 y 11.1.2.1 que permite a los atacantes remotos afectar a la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con el autoservicio de usuario final."}], "id": "CVE-2014-0391", "lastModified": "2016-11-17T17:07:40.557", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-15T16:08:07.437", "references": [{"source": "secalert_us@oracle.com", "url": "http://osvdb.org/102099"}, {"source": "secalert_us@oracle.com", "url": "http://secunia.com/advisories/56459"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/64758"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/64829"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1029613"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}