4.7

CVE-2012-0518

Warning

Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware 10.1.4.3.0 allows remote attackers to affect integrity via unknown vectors related to Redirects, a different vulnerability than CVE-2012-3175.

Data is provided by the National Vulnerability Database (NVD)
Oracle Fusion Middleware Version 10.1.4.3

28.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Vulnerability: Oracle Fusion Middleware Unspecified Vulnerability

Description: Unspecified vulnerability in the Oracle Application Server Single Sign-On component in Oracle Fusion Middleware allows remote attackers to affect integrity via Unknown vectors

Required actions: Apply updates per vendor instructions.

EPSS Metrics

| Type | Source | Score | Percentile |
| --- | --- | --- | --- |
| EPSS | FIRST.org | 24.1% | 0.959 |

CVSS Metrics

| Source | Base Score | Exploit Score | Impact Score | Vector string |
| --- | --- | --- | --- | --- |
| nvd@nist.gov | 4.7 | 2.8 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N |
| nvd@nist.gov | 4.3 | 8.6 | 2.9 | AV:N/AC:M/Au:N/C:N/I:P/A:N |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 4.7 | 2.8 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N |

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.