Vulnerability Details : CVE-2011-3525
Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user.
Exploit prediction scoring system (EPSS) score for CVE-2011-3525
Probability of exploitation activity in the next 30 days: 0.49%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 73 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2011-3525
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST |
References for CVE-2011-3525
-
http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html
Oracle Critical Patch Update - October 2011Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/70799
Oracle Database Server Application Express APEX developer user unspecified CVE-2011-3525 Vulnerability Report
-
http://www.securityfocus.com/bid/50197
Oracle Database CVE-2011-3525 Remote Application Express Vulnerability
Products affected by CVE-2011-3525
- cpe:2.3:a:oracle:database_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:database_server:3.2:*:*:*:*:*:*:*