CVE-2014-0419 - OpenCVE

Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:H/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Oracle	Virtualization Secure Global Desktop

Configuration 1 [-]

OR	cpe:2.3:a:oracle:virtualization_secure_global_desktop:4.63:::::::*
	cpe:2.3:a:oracle:virtualization_secure_global_desktop:4.71:::::::*
	cpe:2.3:a:oracle:virtualization_secure_global_desktop:5.0:::::::*
	cpe:2.3:a:oracle:virtualization_secure_global_desktop:5.10:::::::*

No data.

References

Link	Providers
http://osvdb.org/102110
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.securityfocus.com/bid/64758
http://www.securityfocus.com/bid/64902
http://www.securitytracker.com/id/1029610
https://exchange.xforce.ibmcloud.com/vulnerabilities/90367

History

No history.

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2014-01-15T02:50:00

Updated: 2024-08-06T09:13:10.656Z

Reserved: 2013-12-12T00:00:00

Link: CVE-2014-0419

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-01-15T16:08:10.187

Modified: 2017-08-29T01:34:10.293

Link: CVE-2014-0419

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-01-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "102110", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/102110"}, {"name": "64902", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/64902"}, {"name": "64758", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/64758"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"name": "oracle-cpujan2014-cve20140419(90367)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90367"}, {"name": "1029610", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029610"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2014-0419", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "102110", "refsource": "OSVDB", "url": "http://osvdb.org/102110"}, {"name": "64902", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64902"}, {"name": "64758", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64758"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"name": "oracle-cpujan2014-cve20140419(90367)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90367"}, {"name": "1029610", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029610"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:13:10.656Z"}, "title": "CVE Program Container", "references": [{"name": "102110", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/102110"}, {"name": "64902", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/64902"}, {"name": "64758", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/64758"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"name": "oracle-cpujan2014-cve20140419(90367)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90367"}, {"name": "1029610", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1029610"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2014-0419", "datePublished": "2014-01-15T02:50:00", "dateReserved": "2013-12-12T00:00:00", "dateUpdated": "2024-08-06T09:13:10.656Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:virtualization_secure_global_desktop:4.63:*:*:*:*:*:*:*", "matchCriteriaId": "EF16EF6D-B43F-4F2A-A985-B46657AF55DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:virtualization_secure_global_desktop:4.71:*:*:*:*:*:*:*", "matchCriteriaId": "62CB3A29-45CA-48F5-B347-5E70CA77E0A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:virtualization_secure_global_desktop:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "3A9ED077-CBCC-4615-B3A7-93B84C5A0773", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:virtualization_secure_global_desktop:5.10:*:*:*:*:*:*:*", "matchCriteriaId": "38D99A78-7F70-45C4-83F4-114D3340E89C", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Secure Global Desktop (SGD) de Oracle Virtualization SGD anteriores a 4.63 con PSU Diciembre 2013, 4.71; 5.0 con PSU Diciembre 2013; y 5.10 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Administration Console y Workspace Web Applications."}], "id": "CVE-2014-0419", "lastModified": "2017-08-29T01:34:10.293", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-01-15T16:08:10.187", "references": [{"source": "secalert_us@oracle.com", "url": "http://osvdb.org/102110"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/64758"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/64902"}, {"source": "secalert_us@oracle.com", "url": "http://www.securitytracker.com/id/1029610"}, {"source": "secalert_us@oracle.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90367"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}