Oracle » Sun Products Suite : Security Vulnerabilities, CVEs,
Unspecified vulnerability in the Sun Storage Common Array Manager (CAM) component in Oracle Sun Products Suite 6.9.0 allows remote attackers to affect confidentiality, related to Fault Management System (FMS).
Max CVSS
5.0
EPSS Score
0.18%
Published
2013-01-17
Updated
2013-10-11
Unspecified vulnerability in the Solaris Cluster component in Oracle Sun Products Suite 3.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Apache Tomcat Agent.
Max CVSS
6.2
EPSS Score
0.08%
Published
2012-07-17
Updated
2017-08-29
Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to sgepasswd.
Max CVSS
7.2
EPSS Score
0.06%
Published
2012-05-03
Updated
2013-10-11
Unspecified vulnerability in the Oracle iPlanet Web Server component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Administration Console.
Max CVSS
6.8
EPSS Score
0.87%
Published
2012-05-03
Updated
2017-12-13
Unspecified vulnerability in the Oracle Grid Engine component in Oracle Sun Products Suite 6.1 and 6.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to qrsh.
Max CVSS
9.0
EPSS Score
0.42%
Published
2012-05-03
Updated
2013-10-11
Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 8, 9, 10, and 11 Express allows remote attackers to affect availability via unknown vectors related to Remote Quota Server (rquotad).
Max CVSS
5.0
EPSS Score
1.37%
Published
2011-10-18
Updated
2017-08-29
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 8.0 allows remote attackers to affect availability via unknown vectors related to Authentication.
Max CVSS
7.8
EPSS Score
1.20%
Published
2011-10-18
Updated
2017-08-29
Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows remote authenticated users to affect integrity via unknown vectors related to Messaging Server.
Max CVSS
3.5
EPSS Score
0.13%
Published
2011-10-18
Updated
2012-11-06
Unspecified vulnerability in the Oracle OpenSSO component in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
Max CVSS
4.3
EPSS Score
0.43%
Published
2011-10-18
Updated
2012-11-27
Unspecified vulnerability in the Oracle Communications Unified component in Oracle Sun Products Suite 7.0 allows local users to affect confidentiality via unknown vectors related to Delegated Administrator.
Max CVSS
2.1
EPSS Score
0.06%
Published
2011-10-18
Updated
2012-01-12
Unspecified vulnerability in the Oracle Waveset component in Oracle Sun Products Suite 8.1.0 and 8.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to User Administration.
Max CVSS
7.5
EPSS Score
0.53%
Published
2011-10-18
Updated
2012-01-12
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.
Max CVSS
5.8
EPSS Score
84.52%
Published
2011-07-20
Updated
2011-10-05
Unspecified vulnerability in the Solaris component in Oracle Sun Products Suite 9 and 10 allows remote attackers to affect confidentiality, integrity, and availability, related to SSH.
Max CVSS
7.5
EPSS Score
0.53%
Published
2011-07-20
Updated
2011-10-05
Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Sun Products Suite 2.1.1 and 3.0.1 allows remote attackers to execute arbitrary code via unknown vectors related to Administration.
Max CVSS
6.4
EPSS Score
74.32%
Published
2011-07-20
Updated
2011-12-21
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote authenticated users to affect confidentiality via unknown vectors related to Authentication.
Max CVSS
4.0
EPSS Score
0.08%
Published
2011-04-20
Updated
2012-08-02
Unspecified vulnerability in the OpenSSO Enterprise and Sun Java System Access Manager components in Oracle Sun Products Suite 7.1 and 8.0 allows remote attackers to affect integrity via unknown vectors related to Authentication.
Max CVSS
4.3
EPSS Score
0.11%
Published
2011-04-20
Updated
2012-08-02
Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 components in Oracle Sun Products Suite 1.0 and 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail.
Max CVSS
6.4
EPSS Score
0.23%
Published
2010-10-14
Updated
2013-02-07
Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Webmail. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that the Kerberos implementation does not properly check AP-REQ requests, which allows attackers to cause a denial of service in the JVM. NOTE: CVE has not investigated the apparent discrepancy between the two vendors regarding the consequences of this issue.
Max CVSS
6.4
EPSS Score
1.11%
Published
2010-10-14
Updated
2017-09-19
Unspecified vulnerability in the Sun Java System Identity Manager component in Oracle Sun Products Suite 8.1 allows remote attackers to affect confidentiality and integrity via unknown vectors.
Max CVSS
5.8
EPSS Score
0.16%
Published
2010-10-14
Updated
2013-02-07
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration.
Max CVSS
5.8
EPSS Score
0.19%
Published
2010-10-14
Updated
2013-02-07
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0 allows remote attackers to affect integrity and availability via unknown vectors related to Administration. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable source that this is cross-site request forgery (CSRF) that allows remote attackers to stop an instance via the management console.
Max CVSS
5.8
EPSS Score
2.70%
Published
2010-10-14
Updated
2013-02-07
Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Products Suite 6.0, 6.1, 6.2, and 6.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Identity Synchronization for Windows.
Max CVSS
4.4
EPSS Score
0.04%
Published
2010-10-14
Updated
2013-02-07
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 6.1 and 7.0 allows remote attackers to affect integrity via unknown vectors related to Web Container.
Max CVSS
4.3
EPSS Score
0.23%
Published
2010-10-14
Updated
2010-11-11
Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0u8 allows remote authenticated users to affect confidentiality, related to DAV (WebDAV).
Max CVSS
3.5
EPSS Score
0.20%
Published
2010-10-14
Updated
2010-11-11
Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors.
Max CVSS
3.0
EPSS Score
0.04%
Published
2010-10-14
Updated
2010-11-11