Vulnerability Details CVE-2013-3827
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.1 allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.883
EPSS Ranking 99.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://rhn.redhat.com/errata/RHSA-2014-0029.html
- http://www.kb.cert.org/vuls/id/526012
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/63052
- http://www.securitytracker.com/id/1029190
- http://rhn.redhat.com/errata/RHSA-2014-0029.html
- http://www.kb.cert.org/vuls/id/526012
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/63052
- http://www.securitytracker.com/id/1029190
Products affected by CVE-2013-3827
-
cpe:2.3:a:oracle:fusion_middleware:10.3.6
-
cpe:2.3:a:oracle:fusion_middleware:11.1.2.3.0
-
cpe:2.3:a:oracle:fusion_middleware:11.1.2.4.0
-
cpe:2.3:a:oracle:fusion_middleware:12.1.1
-
cpe:2.3:a:oracle:fusion_middleware:12.1.2.0.0
-
cpe:2.3:a:oracle:fusion_middleware:2.1.1
-
cpe:2.3:a:oracle:fusion_middleware:3.0.1
-
cpe:2.3:a:oracle:fusion_middleware:3.1.2