Back to CVE Browser

CVE-2017-3518

HIGH

7.5

CVSS Severity Score

EPSS Score0.1630%

EPSS Percentile40.91th

PublishedApr 24, 2017

Last ModifiedMay 13, 2026

Vulnerability Description

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: Discovery Framework). Supported versions that are affected are 12.1.0, 13.1.0 and 13.2.0. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

Affected Platforms (CPE)

📦

Oracle

Enterprise Manager Base Platform

= 12.1.0

📦

Oracle

Enterprise Manager Base Platform

= 13.1.0

📦

Oracle

Enterprise Manager Base Platform

= 13.2.0

References & Advisories

🔗 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

🔗 http://www.securityfocus.com/bid/97720

🔗 http://www.securitytracker.com/id/1038297

🔗 http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

🔗 http://www.securityfocus.com/bid/97720

🔗 http://www.securitytracker.com/id/1038297

Related Vulnerabilities

CVE-2020-29619.8

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework (Oracle...

CVE-2021-21378.8

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Policy Framework). Supporte...

CVE-2017-100917.7

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Grid Control (subcomponent: UI Framew...

CVE-2020-29827.1

Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Managemen...