Unspecified Vulnerability in Oracle Secure Backup by Oracle
CVE-2009-1977

Currently unrated

Key Information:

Vendor: Oracle
Status: Secure Backup
Vendor: CVE Published:; 14 July 2009

Summary

An unspecified vulnerability exists in the Oracle Secure Backup component of Oracle Secure Backup 10.2.0.3, which may allow remote attackers to compromise the confidentiality, integrity, and availability of affected systems. Although detailed vectors of attack are unknown, independent research suggests that it may enable attackers to bypass authentication mechanisms utilizing the username parameter in login.php. This vulnerability poses significant risks to data protection strategies and requires immediate attention to mitigate potential exploits.

References

http://www.securityfocus.com/bid/35672

vdb-entryx_refsource_BID

http://secunia.com/advisories/35776

third-party-advisoryx_refsource_SECUNIA

http://www.zerodayinitiative.com/advisories/ZDI-09-058/

x_refsource_MISC

EPSS Score

85% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 14, 2009
Vulnerability Reserved
Jun 8, 2009