nvd-json-data-feeds/CVE-2019/CVE-2019-27xx/CVE-2019-2763.json

{
  "id": "CVE-2019-2763",
  "sourceIdentifier": "secalert_us@oracle.com",
  "published": "2019-07-23T23:15:39.960",
  "lastModified": "2024-11-21T04:41:30.820",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Vulnerability in the Oracle Hospitality Gift and Loyalty component of Oracle Food and Beverage Applications. Supported versions that are affected are 9.0.0 and 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Gift and Loyalty. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Gift and Loyalty accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Gift and Loyalty accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)."
    },
    {
      "lang": "es",
      "value": "Una Vulnerabilidad en el componente Oracle Hospitality Gift and Loyalty de Food and Beverage Applications de Oracle. Las versiones compatibles que est\u00e1n afectadas son 9.0.0 y 9.1.0. Una vulnerabilidad f\u00e1cilmente explotable permite a los atacantes no autenticados con acceso a la red por medio de HTTP comprometer a Oracle Hospitality Gift and Loyalty. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en un acceso no autorizado a datos cr\u00edticos o acceso completo a todos los datos accesibles de Oracle Hospitality Gift and Loyalty, as\u00ed como tambi\u00e9n en actualizaciones no autorizadas, insertar o eliminar el acceso a algunos de los datos accesibles de Oracle Hospitality Gift and Loyalty. CVSS 3.0 Puntuaci\u00f3n base 8.2 (Impactos de Confidencialidad e Integridad). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N)."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "baseScore": 6.4,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:food_and_beverage_applications:9.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "85CF6296-ECDC-49CB-BF28-4149C884DC66"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:oracle:food_and_beverage_applications:9.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D707D35-20D0-4D6B-9FA7-209BF661EA20"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    }
  ]
}