Security Bulletin: Multiple vulnerabilities had been identified in Oracle Database related to the RDBMS Core component. (CVE-2014-4236 and CVE-2014-4245)

Summary

Multiple vulnerabilities had been identified in Oracle Database that is consumed by Tivoli Netcool Perfomance Manager for Wireless. (CVE-2014-4236 and CVE-2014-4245 )

Vulnerability Details

CVE ID:CVE-2014-4236

**DESCRIPTION:*An unspecified vulnerability in Oracle Database related to the RDBMS Core component has partial confidentiality impact, partial integrity impact, and partial availability impact
CVSS Base Score: 6.5
CVSS Temporal Score: See _<https://exchange.xforce.ibmcloud.com/vulnerabilities/94538&gt;_ for more information
CVSS Environmental Score: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)"

CVE ID:CVE-2014-4245

Description: An unspecified vulnerability in Oracle Database related to the RDBMS Core component could allow a remote attacker to obtain sensitive information.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/94540&gt; for more information
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:N)"

Affected Products and Versions

Tivoli Netcool Performance Manager (TNPM) for Wireless version 1.4 and 1.3.2

Remediation/Fixes

There is one solution in the form of fixes that will resolve the issue. The recommended solution is to apply the fix from Oracle. Implement the appropriate solution as soon as practicable. Please refer to Table below for information on available fixes.

Workarounds and Mitigations

None