nvd-json-data-feeds/CVE-2016/CVE-2016-04xx/CVE-2016-0425.json

{
  "id": "CVE-2016-0425",
  "sourceIdentifier": "secalert_us@oracle.com",
  "published": "2016-01-21T02:59:34.597",
  "lastModified": "2024-11-21T02:41:40.357",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Monitoring and Diagnostics."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente JD Edwards EnterpriseOne Tools en Oracle JD Edwards Products 9.1 y 9.2 permite a usuarios remotos autenticados afectar a la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Monitoring y Diagnostics."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "baseScore": 6.0,
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:jd_edwards_products:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49EB63E0-F74D-4C36-B10A-E995FD7AAA0D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:jd_edwards_products:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E96C0D-6CC9-4083-84C5-20835C267D47"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html",
      "source": "secalert_us@oracle.com"
    },
    {
      "url": "http://seclists.org/fulldisclosure/2016/Aug/129",
      "source": "secalert_us@oracle.com"
    },
    {
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id/1034722",
      "source": "secalert_us@oracle.com"
    },
    {
      "url": "http://packetstormsecurity.com/files/138511/JD-Edwards-9.1-EnterpriseOne-Server-Password-Disclosure.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://seclists.org/fulldisclosure/2016/Aug/129",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    },
    {
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id/1034722",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}