admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-29xx/CVE-2019-2953.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

105 lines
4.2 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-2953",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2019-10-16T18:15:30.527",
"lastModified": "2019-10-18T18:50:46.147",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Oracle Hospitality Cruise Dining Room Management product of Oracle Hospitality Applications (component: Web Service). The supported version that is affected is 8.0.80. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Dining Room Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Dining Room Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Dining Room Management accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N)."
},
{
"lang": "es",
"value": "Una vulnerabilidad en el producto Oracle Hospitality Cruise Dining Room Management de Oracle Hospitality Applications (componente: Web Service). La versi\u00f3n compatible que est\u00e1 afectada es 8.0.80. Una vulnerabilidad f\u00e1cilmente explotable permite a un atacante poco privilegiado con acceso a la red por medio de HTTP comprometer a Oracle Hospitality Cruise Dining Room Management. Los ataques con \u00e9xito de esta vulnerabilidad pueden resultar en el acceso no autorizado a datos cr\u00edticos o el acceso total a todos los datos accesibles de Oracle Hospitality Cruise Dining Room Management, as\u00ed como tambi\u00e9n actualizar, insertar o eliminar de forma no autorizada el acceso a algunos de los datos accesibles de Oracle Hospitality Cruise Dining Room Management. CVSS 3.0 Puntuaci\u00f3n Base 7.1 (Impactos de la Confidencialidad e Integridad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 5.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:hospitality_cruise_dining_room_management:8.0.80:*:*:*:*:*:*:*",
"matchCriteriaId": "EF9E491A-0256-41B1-A23F-41F3B052CAA7"
}
]
}
]
}
],
"references": [
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink