CVE-2012-3219

Name of the Vulnerable Software and Affected Versions Oracle Enterprise Manager Grid Control EM Base Platform versions 10.2.0.5 and 11.1.0.1 Oracle EM DB Control versions 10.2.0.3 through 10.2.0.5 and versions 11.1.0.7 through 11.2.0.3 Oracle EM Plugin for DB versions 12.1.0.1 through 12.1.0.2

Description The issue allows remote attackers to affect integrity and bypass security restrictions, potentially executing arbitrary SQL commands and gaining access to sensitive data. The vulnerability is related to Storage Management in the Enterprise Manager Base Platform component.

Recommendations For Oracle Enterprise Manager Grid Control EM Base Platform versions 10.2.0.5 and 11.1.0.1, update to a version that addresses the issue. For Oracle EM DB Control versions 10.2.0.3 through 10.2.0.5 and versions 11.1.0.7 through 11.2.0.3, update to a version that addresses the issue. For Oracle EM Plugin for DB versions 12.1.0.1 through 12.1.0.2, update to a version that addresses the issue. As a temporary workaround, consider restricting access to the Storage Management component until a patch is available.