CNVD-2016-05307

Vulnerability from cnvd - Published: 2016-07-25
VLAI Severity ?
Title
Oracle Enterprise Manager Grid Control Enterprise Manager Ops Center组件存在未明漏洞
Description
Oracle Enterprise Manager Grid Control是美国甲骨文(Oracle)公司的一套系统管理软件。该软件为Oracle IT架构提供中心化监视、生命周期管理等功能。Enterprise Manager Ops Center是其中的一个企业数据中心监控管理组件。 Oracle Enterprise Manager Grid Control 12.1.4、12.2.2及12.3.2版本中的Enterprise Manager Ops Center组件中的Framework子组件存在安全漏洞。远程攻击者可利用该漏洞控制程序,影响数据的保密性、完整性及可用性。
Severity
Patch Name
Oracle Enterprise Manager Grid Control Enterprise Manager Ops Center组件存在未明漏洞的补丁
Patch Description
Oracle Enterprise Manager Grid Control是美国甲骨文(Oracle)公司的一套系统管理软件。该软件为Oracle IT架构提供中心化监视、生命周期管理等功能。Enterprise Manager Ops Center是其中的一个企业数据中心监控管理组件。 Oracle Enterprise Manager Grid Control 12.1.4、12.2.2及12.3.2版本中的Enterprise Manager Ops Center组件中的Framework子组件存在安全漏洞。远程攻击者可利用该漏洞控制程序,影响数据的保密性、完整性及可用性。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

用户可参考如下供应商提供的安全公告获得补丁信息: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB

Reference
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB
Impacted products
Name
['Oracle Enterprise Manager Grid Control 12.1.4', 'Oracle Enterprise Manager Grid Control 12.2.2', 'Oracle Enterprise Manager Grid Control 12.3.2']
Show details on source website
To clipboard 

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-0635"
    }
  },
  "description": "Oracle Enterprise Manager Grid Control\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u7cfb\u7edf\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3aOracle IT\u67b6\u6784\u63d0\u4f9b\u4e2d\u5fc3\u5316\u76d1\u89c6\u3001\u751f\u547d\u5468\u671f\u7ba1\u7406\u7b49\u529f\u80fd\u3002Enterprise Manager Ops Center\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4f01\u4e1a\u6570\u636e\u4e2d\u5fc3\u76d1\u63a7\u7ba1\u7406\u7ec4\u4ef6\u3002\r\n\r\nOracle Enterprise Manager Grid Control 12.1.4\u300112.2.2\u53ca12.3.2\u7248\u672c\u4e2d\u7684Enterprise Manager Ops Center\u7ec4\u4ef6\u4e2d\u7684Framework\u5b50\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a7\u5236\u7a0b\u5e8f\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002",
  "discovererName": "Oracle",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-05307",
  "openTime": "2016-07-25",
  "patchDescription": "Oracle Enterprise Manager Grid Control\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u7cfb\u7edf\u7ba1\u7406\u8f6f\u4ef6\u3002\u8be5\u8f6f\u4ef6\u4e3aOracle IT\u67b6\u6784\u63d0\u4f9b\u4e2d\u5fc3\u5316\u76d1\u89c6\u3001\u751f\u547d\u5468\u671f\u7ba1\u7406\u7b49\u529f\u80fd\u3002Enterprise Manager Ops Center\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4f01\u4e1a\u6570\u636e\u4e2d\u5fc3\u76d1\u63a7\u7ba1\u7406\u7ec4\u4ef6\u3002\r\n\r\nOracle Enterprise Manager Grid Control 12.1.4\u300112.2.2\u53ca12.3.2\u7248\u672c\u4e2d\u7684Enterprise Manager Ops Center\u7ec4\u4ef6\u4e2d\u7684Framework\u5b50\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u63a7\u5236\u7a0b\u5e8f\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle Enterprise Manager Grid Control Enterprise Manager Ops Center\u7ec4\u4ef6\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Oracle Enterprise Manager Grid Control 12.1.4",
      "Oracle Enterprise Manager Grid Control 12.2.2",
      "Oracle Enterprise Manager Grid Control 12.3.2"
    ]
  },
  "referenceLink": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB",
  "serverity": "\u9ad8",
  "submitTime": "2016-07-21",
  "title": "Oracle Enterprise Manager Grid Control Enterprise Manager Ops Center\u7ec4\u4ef6\u5b58\u5728\u672a\u660e\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.