CVE-2014-0419 : Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 w

Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization SGD before 4.63 with December 2013 PSU, 4.71, 5.0 with December 2013 PSU, and 5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console and Workspace Web Applications.

Published 2014-01-15 16:08:10

Updated 2017-08-29 01:34:10

Source Oracle

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2014-0419

Probability of exploitation activity in the next 30 days: 1.06%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-0419

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.1	MEDIUM	AV:N/AC:H/Au:N/C:P/I:P/A:P	4.9	6.4	NIST
Access Vector: Network Access Complexity: High Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

References for CVE-2014-0419

http://www.securityfocus.com/bid/64902

Oracle Secure Global Desktop CVE-2014-0419 Remote Security Vulnerability
http://www.securitytracker.com/id/1029610

Oracle Virtualization Bugs Let Remote and Local Users Access and Modify Data and Deny Service - SecurityTracker

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Oracle Critical Patch Update - January 2014
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/90367

Oracle Secure Global Desktop (SGD) Administration Console and Workspace Web Applications unspecified CVE-2014-0419 Vulnerability Report
http://www.securityfocus.com/bid/64758

RETIRED: Oracle January 2014 Critical Patch Update Multiple Vulnerabilities

CVEs referencing this url

Products affected by CVE-2014-0419

Oracle » Virtualization Secure Global Desktop » Version: 5.10
cpe:2.3:a:oracle:virtualization_secure_global_desktop:5.10:*:*:*:*:*:*:*
Matching versions
Oracle » Virtualization Secure Global Desktop » Version: 4.63
cpe:2.3:a:oracle:virtualization_secure_global_desktop:4.63:*:*:*:*:*:*:*
Matching versions
Oracle » Virtualization Secure Global Desktop » Version: 4.71
cpe:2.3:a:oracle:virtualization_secure_global_desktop:4.71:*:*:*:*:*:*:*
Matching versions
Oracle » Virtualization Secure Global Desktop » Version: 5.0
cpe:2.3:a:oracle:virtualization_secure_global_desktop:5.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-0419

Exploit prediction scoring system (EPSS) score for CVE-2014-0419

CVSS scores for CVE-2014-0419

References for CVE-2014-0419

Products affected by CVE-2014-0419