admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-36xx/CVE-2017-3619.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

131 lines
4.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-3619",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2017-04-24T19:59:06.660",
"lastModified": "2024-11-21T03:25:56.653",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Automatic Service Request (ASR) component of Oracle Support Tools (subcomponent: ASR Manager). The supported version that is affected is Prior to 5.7. Easily \"exploitable\" vulnerability allows low privileged attacker with logon to the infrastructure where Automatic Service Request (ASR) executes to compromise Automatic Service Request (ASR). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Automatic Service Request (ASR) accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)."
},
{
"lang": "es",
"value": "Versiones afectadas anteriores a la 5.7. La vulnerabilidad permite que un atacante con pocos privilegios e inicio de sesi\u00f3n en la infraestructura donde se ejecute el ASR (Automatic Service Request) le comprometa. Un ataque exitoso pueden resultar en acceso no autorizado a datos cr\u00edticos o acceso completo a todos los datos accesibles de ASR (Automatic Service Request). CVSS 3.0 Puntaje 5.5 (Incidencia en confidencialidad). Vector CVSS: (CVSS: 3.0 / AV: L / AC: L / PR: L / UI: N / S: U / C: H / I: N / A: N)."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
"baseScore": 4.9,
"accessVector": "LOCAL",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:automatic_service_request:*:*:*:*:*:*:*:*",
"versionEndIncluding": "5.5.1",
"matchCriteriaId": "9F616945-AC9D-4430-96D8-538F88188ECA"
}
]
}
]
}
],
"references": [
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/97771",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/97771",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink