Unspecified vulnerability in the Core RDBMS component in Oracle Database 188.8.131.52, 184.108.40.206DV, 10.1.0.5, 10.2.0.4, and 220.127.116.11 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to the Create User privilege.
When the scan runs and checks the response from the system for this vulnerability my system returns the DB version as 10.2.0.3 to MVM which is not vulnerable to this CVE but MVM still reports it in the scan results as being a High vulnerability which does not make sense since the system is not vulnerable. Is this normal or is it something that should be reported to McAfee for a fix, solution or workaround?
You might have an older version of that script. I can see the script was updated on April-5th, and the documentation actually now says:
An unspecified vulnerability exists in the core RDBMS component for some versions of Oracle Database that allows malicious remote network traffic to affect the confidentiality,integrity, and availability of a target system.
Which is slightly different than what you quoted, and that is why I think you have an older (possibly FP prone) version of the script.
Can you make sure to run FSUPdate to get the latest FSL Content Package, and re-scan to confirm.
Thanks for your reply, I checked and the FSL contect packages are up to date and have the same observation as what you specified above. What I originally quoted was the vulnerability details from the NIST site (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0860) when you click the CVE link in the Vulnerability Details from the scan. The NIST site lists the affected versions for this vulnerability which does not list our version - 10.2.0.3
I guess opening a Service Request would be the next step to have it addressed?