{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2013-3749", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.3 allows remote authenticated users to affect confidentiality via unknown vectors related to Logging. NOTE: the previous information is from the July 2013 CPU. Oracle has not commented on claims from a third party that the issue is due to storage of credentials in the (1) FND_LOG_MESSAGES database table or (2) log files by \"native login pages.\"" } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "refsource" : "CONFIRM", "url" : "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html" }, { "name" : "VU#826463", "refsource" : "CERT-VN", "url" : "http://www.kb.cert.org/vuls/id/826463" }, { "name" : "61268", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/61268" }, { "name" : "95286", "refsource" : "OSVDB", "url" : "http://osvdb.org/95286" }, { "name" : "1028799", "refsource" : "SECTRACK", "url" : "http://www.securitytracker.com/id/1028799" }, { "name" : "54222", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/54222" }, { "name" : "oracle-cpujuly2013-cve20133749(85673)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/85673" } ] } }