Multiple vulnerabilities had been identified in Oracle Database that is consumed by Tivoli Netcool Perfomance Manager for Wireless. (CVE-2014-4236 and CVE-2014-4245 )
CVE ID:CVE-2014-4236
**DESCRIPTION:*An unspecified vulnerability in Oracle Database related to the RDBMS Core component has partial confidentiality impact, partial integrity impact, and partial availability impact
CVSS Base Score: 6.5
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/94538>_ for more information
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)"
CVE ID:CVE-2014-4245
Description: An unspecified vulnerability in Oracle Database related to the RDBMS Core component could allow a remote attacker to obtain sensitive information.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94540> for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:N)"
Tivoli Netcool Performance Manager (TNPM) for Wireless version 1.4 and 1.3.2
There is one solution in the form of fixes that will resolve the issue. The recommended solution is to apply the fix from Oracle. Implement the appropriate solution as soon as practicable. Please refer to Table below for information on available fixes.
Product | VRMF | APAR | Remediation/First Fix |
---|---|---|---|
Oracle | 11.2.0.4 | none | Database 11.2.0.4 SPU Patch 18681862 |
None