CVE-2016-0635 - 漏洞详情

CVE-2016-0635 (CNNVD-201607-650)

HIGH

中文标题:

Oracle Enterprise Manager Grid Control Enterprise Manager Ops Center组件安全漏洞

英文标题:

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manage...

CVSS分数: 8.8

发布时间: 2016-07-21 10:00:00

漏洞类型: 其他

状态: PUBLISHED

数据质量分数: 0.30

数据版本: v3

漏洞描述

中文描述:

Oracle Enterprise Manager Grid Control是美国甲骨文（Oracle）公司的一套系统管理软件。该软件为Oracle IT架构提供中心化监视、生命周期管理等功能。Enterprise Manager Ops Center是其中的一个企业数据中心监控管理组件。 Oracle Enterprise Manager Grid Control 12.1.4、12.2.2及12.3.2版本中的Enterprise Manager Ops Center组件中的Framework子组件存在安全漏洞。远程攻击者可利用该漏洞控制程序，影响数据的保密性、完整性及可用性。

英文描述:

Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CWE类型:

（暂无数据）

受影响产品

厂商	产品	版本	版本范围	平台	CPE
oracle	documaker	*	-	-	`cpe:2.3:a:oracle:documaker::::::::`
oracle	enterprise_manager_ops_center	12.1.4	-	-	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:::::::*`
oracle	enterprise_manager_ops_center	12.2.2	-	-	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:::::::*`
oracle	enterprise_manager_ops_center	12.3.2	-	-	`cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:::::::*`
oracle	health_sciences_information_manager	1.2.8.3	-	-	`cpe:2.3:a:oracle:health_sciences_information_manager:1.2.8.3:::::::*`
oracle	health_sciences_information_manager	2.0.2.3	-	-	`cpe:2.3:a:oracle:health_sciences_information_manager:2.0.2.3:::::::*`
oracle	health_sciences_information_manager	3.0.1.0	-	-	`cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1.0:::::::*`
oracle	healthcare_master_person_index	2.0.12	-	-	`cpe:2.3:a:oracle:healthcare_master_person_index:2.0.12:::::::*`
oracle	healthcare_master_person_index	3.0.0	-	-	`cpe:2.3:a:oracle:healthcare_master_person_index:3.0.0:::::::*`
oracle	healthcare_master_person_index	4.0.1	-	-	`cpe:2.3:a:oracle:healthcare_master_person_index:4.0.1:::::::*`
oracle	insurance_calculation_engine	9.7.1	-	-	`cpe:2.3:a:oracle:insurance_calculation_engine:9.7.1:::::::*`
oracle	insurance_calculation_engine	10.1.2	-	-	`cpe:2.3:a:oracle:insurance_calculation_engine:10.1.2:::::::*`
oracle	insurance_calculation_engine	10.2.2	-	-	`cpe:2.3:a:oracle:insurance_calculation_engine:10.2.2:::::::*`
oracle	insurance_policy_administration_j2ee	9.6.1	-	-	`cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.6.1:::::::*`
oracle	insurance_policy_administration_j2ee	9.7.1	-	-	`cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.7.1:::::::*`
oracle	insurance_policy_administration_j2ee	10.0.1	-	-	`cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.0.1:::::::*`
oracle	insurance_policy_administration_j2ee	10.1.2	-	-	`cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.1.2:::::::*`
oracle	insurance_policy_administration_j2ee	10.2.0	-	-	`cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:::::::*`
oracle	insurance_policy_administration_j2ee	10.2.2	-	-	`cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.2:::::::*`
oracle	insurance_rules_palette	9.6.1	-	-	`cpe:2.3:a:oracle:insurance_rules_palette:9.6.1:::::::*`
oracle	insurance_rules_palette	9.7.1	-	-	`cpe:2.3:a:oracle:insurance_rules_palette:9.7.1:::::::*`
oracle	insurance_rules_palette	10.0.1	-	-	`cpe:2.3:a:oracle:insurance_rules_palette:10.0.1:::::::*`
oracle	insurance_rules_palette	10.1.2	-	-	`cpe:2.3:a:oracle:insurance_rules_palette:10.1.2:::::::*`
oracle	insurance_rules_palette	10.2.0	-	-	`cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:::::::*`
oracle	insurance_rules_palette	10.2.2	-	-	`cpe:2.3:a:oracle:insurance_rules_palette:10.2.2:::::::*`
oracle	primavera_contract_management	14.2	-	-	`cpe:2.3:a:oracle:primavera_contract_management:14.2:::::::*`
oracle	primavera_p6_enterprise_project_portfolio_management	8.2	-	-	`cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2:::::::*`
oracle	primavera_p6_enterprise_project_portfolio_management	8.3	-	-	`cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:::::::*`
oracle	primavera_p6_enterprise_project_portfolio_management	8.4	-	-	`cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:::::::*`
oracle	primavera_p6_enterprise_project_portfolio_management	15.1	-	-	`cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:::::::*`
oracle	primavera_p6_enterprise_project_portfolio_management	15.2	-	-	`cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:::::::*`
oracle	primavera_p6_enterprise_project_portfolio_management	16.1	-	-	`cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:::::::*`
oracle	retail_integration_bus	15.0	-	-	`cpe:2.3:a:oracle:retail_integration_bus:15.0:::::::*`
oracle	retail_order_broker_cloud_service	5.1	-	-	`cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:::::::*`
oracle	retail_order_broker_cloud_service	5.2	-	-	`cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:::::::*`
oracle	retail_order_broker_cloud_service	15.0	-	-	`cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:::::::*`

解决方案

中文解决方案:

（暂无数据）

英文解决方案:

（暂无数据）