nvd-json-data-feeds/CVE-2016/CVE-2016-06xx/CVE-2016-0673.json

{
  "id": "CVE-2016-0673",
  "sourceIdentifier": "secalert_us@oracle.com",
  "published": "2016-04-21T10:59:35.930",
  "lastModified": "2024-11-21T02:42:08.207",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote authenticated users to affect confidentiality and integrity via vectors related to UIF Open UI."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente Siebel UI Framework en Oracle Siebel CRM 8.1.1 y 8.2.2 permite a usuarios remotos autenticados afectar a la confidencialidad e integridad a trav\u00e9s de vectores relacionados con UIF Open UI."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N",
          "baseScore": 4.9,
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 6.8,
        "impactScore": 4.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:siebel_ui_framework:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3548AC23-D3AF-4202-9F87-C9A29A56B376"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:siebel_ui_framework:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "14EF3E4D-FC8E-446B-A2FD-621A20578ED2"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id/1035598",
      "source": "secalert_us@oracle.com"
    },
    {
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id/1035598",
      "source": "af854a3a-2127-422b-91ae-364da2661108"
    }
  ]
}