CVE-2012-0518

Warnung

EPSS 24.1%
Veröffentlicht 16.10.2012 23:55:03
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert_us@oracle.com
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Fusion Middleware Version10.1.4.3

28.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Oracle Fusion Middleware Unspecified Vulnerability

Schwachstelle

Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	24.1%	0.959

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.7	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:P/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	4.7	2.8	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Broken Link

http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2012-0518

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2012-0518

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2012-0518

EUVD