CVE-2012-3185

Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3186.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability : 6.8 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:fusion_middleware:6.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:6.2:::::::*
	cpe:2.3:a:oracle:fusion_middleware:6.3:::::::*

Configuration 2 (hide)

cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:oracle:fusion_middleware:7.0:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.0.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.0.2:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.0.3:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.5:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.6.1:::::::*
	cpe:2.3:a:oracle:fusion_middleware:7.6.2:::::::*

History

21 Nov 2024, 01:40

Type	Values Removed	Values Added
References	~~() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link~~	() http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 - Broken Link
References	~~() http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html - Patch, Vendor Advisory~~	() http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html - Patch, Vendor Advisory

Information

Published : 2012-10-17 00:55

Updated : 2025-04-11 00:51

NVD link : CVE-2012-3185

Mitre link : CVE-2012-3185

CVE.ORG link : CVE-2012-3185

JSON object : View

Products Affected

oracle

fusion_middleware

CWE

NVD-CWE-noinfo

{"id": "CVE-2012-3185", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-10-17T00:55:02.057", "references": [{"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "tags": ["Broken Link"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2012-1515893.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle WebCenter Sites component in Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2, and 11.1.1.6.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Advanced UI, a different vulnerability than CVE-2012-3183 and CVE-2012-3186."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle WebCenter Sites en Oracle Fusion Middleware 6.1, 6.2, 6.3.x, 7, 7.0.1, 7.0.2, 7.0.3, 7.5, 7.6.1, 7.6.2 y 11.1.1.6.0 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionado con Advanced UI, una vulnerabilidad diferente a CVE-2012-3183 y CVE-2012-3186."}], "lastModified": "2025-04-11T00:51:21.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7586B144-029F-4B80-8FCC-6409AE280DDE"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "27A294BA-A23C-4877-8F9E-4636F8ED60CC"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59609F1A-A704-4CC2-810E-CC64A7CC2FF1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:11.1.1.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6935E726-6AA6-468F-AAEB-BC679FD5CFFC"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6637A7C5-6831-48AA-B8DA-ED1A6986C258"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4368A818-61FB-478C-BFD0-AB4ACD94FEE8"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5626162E-9625-4B14-8B40-498FE80140FD"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6F87F41B-7EE6-46E6-9183-D6E95C3C429D"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "09760D9F-652A-4874-A6FD-F83B58FBCE53"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CAD8A95-DE88-4DCC-91BB-C5290A4F93F7"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:7.6.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2A9B040F-4062-45C1-A659-B5E9242B54CD"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}