National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2014-3576

Change History

Modified Analysis - 4/26/2016 1:57:46 PM

Action Type Old Value New Value
Changed Reference Type
https://github.com/apache/activemq/commit/00921f2 No Types Assigned
https://github.com/apache/activemq/commit/00921f2 Patch
Added CVSS V2
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Removed CVSS V2
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added CVSS V3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Removed Evaluator Description
The previous CVSS assessment (Base Score: 5.0 - AV:N/AC:L/AU:N/C:N/I:N/A:P) was provided at the time of initial analysis based on the best available published information at that time.  The score has been updated to reflect the impact to Oracle products per <a href=http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html> Oracle Critical Patch Update Advisory - October 2015 </a>. Other products listed as vulnerable may or may not be similarly impacted.

Also Per <a href=http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html> Oracle Critical Patch Update Advisory - October 2015 </a> -
Please refer to My Oracle Support Note 2056927.1 for instructions on how to address this issue.
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.4:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:fusion_middleware:8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:fusion_middleware:9.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:fusion_middleware:12.1.3.0.0:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:a:apache:activemq:5.10.0:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:oracle:business_intelligence_publisher:12.2.1.0.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:oracle:fusion_middleware:11.1.1.7.4:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:fusion_middleware:8.1:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:fusion_middleware:9.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:fusion_middleware:12.1.3.0.0:*:*:*:*:*:*:*