nvd-json-data-feeds/CVE-2015/CVE-2015-49xx/CVE-2015-4919.json

{
  "id": "CVE-2015-4919",
  "sourceIdentifier": "secalert_us@oracle.com",
  "published": "2016-01-21T02:59:02.907",
  "lastModified": "2016-12-07T18:15:14.447",
  "vulnStatus": "Modified",
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JD Edwards EnterpriseOne Tools component in Oracle JD Edwards Products 9.1 and 9.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Monitoring and Diagnostics SEC."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente JD Edwards EnterpriseOne Tools en Oracle JD Edwards Products 9.1 y 9.2 permite a atacantes remotos afectar a la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores relacionados con Monitoring and Diagnostics SEC."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "MEDIUM",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:jd_edwards_products:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49EB63E0-F74D-4C36-B10A-E995FD7AAA0D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:jd_edwards_products:9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E96C0D-6CC9-4083-84C5-20835C267D47"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html",
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.securitytracker.com/id/1034722",
      "source": "secalert_us@oracle.com"
    }
  ]
}