admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 17:21:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-24xx/CVE-2021-2416.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

109 lines
4.1 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-2416",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2021-10-20T11:16:16.570",
"lastModified": "2021-10-26T12:08:59.210",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communications (component: Routing). Supported versions that are affected are 8.4 and 9.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Communications Session Border Controller. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Communications Session Border Controller. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el producto Oracle Communications Session Border Controller de Oracle Communications (componente: Routing). Las versiones compatibles que est\u00e1n afectadas son 8.4 y la 9.0. Una vulnerabilidad explotable f\u00e1cilmente permite a un atacante muy privilegiado con acceso a la red por medio de HTTP comprometer a Oracle Communications Session Border Controller. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en una capacidad no autorizada de causar una suspensi\u00f3n o bloqueo repetible frecuentemente (DOS completa) de Oracle Communications Session Border Controller. CVSS 3.1 Puntuaci\u00f3n Base 4.9 (impactos en la Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "secalert_us@oracle.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.8
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9C416FD3-2E2F-4BBC-BD5F-F896825883F4"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D886339E-EDB2-4879-BD54-1800E4CA9CAE"
}
]
}
]
}
],
"references": [
{
"url": "https://www.oracle.com/security-alerts/cpuoct2021.html",
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink