Summary
| Detail | |||
|---|---|---|---|
| Vendor | Oracle | First view | 2011-07-20 |
| Product | Enterprise Manager Grid Control | Last view | 2016-01-20 |
| Version | 11.1.0.1 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:oracle:enterprise_manager_grid_control | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.2 | 2016-01-20 | CVE-2016-0455 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality and availability via unknown vectors related to Agent Next Gen. |
| 4.6 | 2016-01-20 | CVE-2016-0449 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen, a different vulnerability than CVE-2016-0444 and CVE-2016-0447. |
| 4.6 | 2016-01-20 | CVE-2016-0447 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen, a different vulnerability than CVE-2016-0444 and CVE-2016-0449. |
| 2.1 | 2016-01-20 | CVE-2016-0446 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality via unknown vectors related to Agent Next Gen. |
| 4.6 | 2016-01-20 | CVE-2016-0445 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen. |
| 4.4 | 2016-01-20 | CVE-2016-0444 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Agent Next Gen, a different vulnerability than CVE-2016-0447 and CVE-2016-0449. |
| 4.3 | 2016-01-20 | CVE-2016-0443 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality via unknown vectors related to Agent Next Gen. |
| 4 | 2016-01-20 | CVE-2016-0427 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 11.2.0.4, 12.1.0.4, and 12.1.0.5 allows remote authenticated users to affect confidentiality via unknown vectors related to UI Framework. |
| 6.8 | 2016-01-20 | CVE-2016-0415 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1, 12.1.0.4, and 12.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to UI Framework. |
| 4.6 | 2016-01-20 | CVE-2016-0411 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 11.1.0.1 and 11.2.0.4 allows local users to affect confidentiality, integrity, and availability via vectors related to Agent Next Gen. |
| 5 | 2015-07-16 | CVE-2015-4735 | Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management. |
| 5.5 | 2015-07-16 | CVE-2015-2647 | Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management. |
| 4.3 | 2015-07-16 | CVE-2015-2646 | Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management. |
| 4.9 | 2014-10-15 | CVE-2014-6557 | Unspecified vulnerability in the Application Performance Management component in Oracle Enterprise Manager Grid Control before 12.1.0.6.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to End User Experience Management. |
| 2.1 | 2014-10-15 | CVE-2014-6488 | Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management. |
| 4.3 | 2013-10-16 | CVE-2013-5828 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management. |
| 4.3 | 2013-10-16 | CVE-2013-5827 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management. |
| 4.3 | 2013-10-16 | CVE-2013-5766 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to DB Performance Advisories/UIs. |
| 4.3 | 2013-10-16 | CVE-2013-3762 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management. |
| 4.3 | 2013-01-16 | CVE-2013-0374 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning. |
| 4.3 | 2013-01-16 | CVE-2013-0373 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features. |
| 4.3 | 2013-01-16 | CVE-2013-0372 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 and 12.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features. |
| 4.3 | 2013-01-16 | CVE-2013-0358 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager. |
| 4.3 | 2013-01-16 | CVE-2013-0355 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1, and EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3, allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features. |
| 4.3 | 2013-01-16 | CVE-2013-0353 | Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 allows remote attackers to affect integrity via unknown vectors related to Enterprise Configuration Management. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-200 | Information Exposure |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 73934 | Oracle Enterprise Manager Grid Control EMCTL Unspecified Remote Issue (2011-0... |
| 73932 | Oracle Enterprise Manager Grid Control Security Framework Authentication Unsp... |
| 73927 | Oracle Enterprise Manager Grid Control SQL Performance Advisories/UIs Unspeci... |
| 73926 | Oracle Enterprise Manager Grid Control Database Target Type Menus Unspecified... |
| 73924 | Oracle Enterprise Manager Grid Control Content Management Unspecified Remote ... |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0153 | Multiple Vulnerabilities in Oracle Database Severity: Category I - VMSKEY: V0061079 |
| 2015-A-0157 | Multiple Vulnerabilties in Oracle Enterprise Manager Severity: Category I - VMSKEY: V0061087 |
| 2013-A-0198 | Multiple Vulnerabilities in Oracle Enterprise Manager Severity: Category I - VMSKEY: V0040785 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-01-21 | Name: The remote host has an enterprise management application installed that is af... File: oracle_enterprise_manager_jan_2016_cpu.nasl - Type: ACT_GATHER_INFO |
| 2015-07-20 | Name: The remote host has an enterprise management application installed that is af... File: oracle_enterprise_manager_jul_2015_cpu.nasl - Type: ACT_GATHER_INFO |
| 2015-01-26 | Name: The remote host is affected by an unspecified vulnerability. File: oracle_ruei_cpu_oct_2014.nasl - Type: ACT_GATHER_INFO |
| 2014-10-17 | Name: The remote host has an enterprise management application that is affected by ... File: oracle_enterprise_manager_oct_2014_cpu.nasl - Type: ACT_GATHER_INFO |
| 2013-10-22 | Name: A database management application installed on the remote host is affected by... File: oracle_db_mgmt_plugin_oct2013_cpu_nix.nasl - Type: ACT_GATHER_INFO |
| 2013-01-18 | Name: The remote database server is affected by multiple vulnerabilities. File: oracle_rdbms_cpu_jan_2013.nasl - Type: ACT_GATHER_INFO |
| 2012-07-19 | Name: The remote database server is affected by multiple vulnerabilities. File: oracle_rdbms_cpu_jul_2012.nasl - Type: ACT_GATHER_INFO |
| 2012-04-19 | Name: The remote database server is affected by multiple vulnerabilities. File: oracle_rdbms_cpu_apr_2012.nasl - Type: ACT_GATHER_INFO |
| 2011-07-20 | Name: The remote database server is affected by multiple vulnerabilities. File: oracle_rdbms_cpu_jul_2011.nasl - Type: ACT_GATHER_INFO |
