CVE-2010-4431 - OpenCVE

Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy.

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity High

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:H/Au:S/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Sun	Java System Portal Server

Configuration 1 [-]

OR	cpe:2.3:a:sun:java_system_portal_server:7.1:::::::*
	cpe:2.3:a:sun:java_system_portal_server:7.2:::::::*

References

Link	Resource
http://osvdb.org/70565
http://secunia.com/advisories/42991
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html	Vendor Advisory
http://www.securityfocus.com/bid/45898
http://www.vupen.com/english/advisories/2011/0158
https://exchange.xforce.ibmcloud.com/vulnerabilities/64816

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2011-01-19T16:00:00

Updated: 2017-08-16T14:57:01

Reserved: 2010-12-06T00:00:00

Link: CVE-2010-4431

JSON object: View

NVD Information

Status : Modified

Published: 2011-01-19T17:00:01.623

Modified: 2017-08-17T01:33:11.477

Link: CVE-2010-4431

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-01-18T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "ADV-2011-0158", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0158"}, {"name": "sun-java-system-proxy-info-disclosure(64816)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64816"}, {"name": "70565", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/70565"}, {"name": "42991", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/42991"}, {"name": "45898", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/45898"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2010-4431", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2011-0158", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0158"}, {"name": "sun-java-system-proxy-info-disclosure(64816)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64816"}, {"name": "70565", "refsource": "OSVDB", "url": "http://osvdb.org/70565"}, {"name": "42991", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/42991"}, {"name": "45898", "refsource": "BID", "url": "http://www.securityfocus.com/bid/45898"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2010-4431", "datePublished": "2011-01-19T16:00:00", "dateReserved": "2010-12-06T00:00:00", "dateUpdated": "2017-08-16T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sun:java_system_portal_server:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "A29331A7-9D72-489D-A8DF-5B4C18A19692", "vulnerable": true}, {"criteria": "cpe:2.3:a:sun:java_system_portal_server:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "83D63923-869B-4156-BBED-DFB417B19420", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to affect confidentiality via unknown vectors related to Proxy."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Oracle Sun Java System Portal Server 7.1 y 7.2 permite a usuarios locales afectar a la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con el Proxy."}], "id": "CVE-2010-4431", "lastModified": "2017-08-17T01:33:11.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "HIGH", "accessVector": "LOCAL", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 1.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:H/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 1.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-01-19T17:00:01.623", "references": [{"source": "secalert_us@oracle.com", "url": "http://osvdb.org/70565"}, {"source": "secalert_us@oracle.com", "url": "http://secunia.com/advisories/42991"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/45898"}, {"source": "secalert_us@oracle.com", "url": "http://www.vupen.com/english/advisories/2011/0158"}, {"source": "secalert_us@oracle.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64816"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}