CVE-2008-4004

{"id": "CVE-2008-4004", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-10-14T21:11:11.457", "references": [{"url": "http://secunia.com/advisories/32291", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1021055", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2825", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45906", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/32291", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1021055", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/2825", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45906", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors."}, {"lang": "es", "value": "Una vulnerabilidad sin especificar en el componente JDE EnterpriseOne Business Service Server de Oracle PeopleSoft Enterprise, y de JD Edwards EnterpriseOne 8.97.2.2 y 8.98.0.1 permite a un usuario local comprometer la integridad de los datos por medio de un ataque desconocido."}], "lastModified": "2024-11-21T00:50:40.430", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jdedwards:enterpriseone:8.97.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9E2065FF-8C76-4AE0-A8BA-E7E52109364E"}, {"criteria": "cpe:2.3:a:jdedwards:enterpriseone:8.98.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE0FDFCF-F412-4D90-9CD7-D64B34E959DE"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.97.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2ABFCDEB-2907-4893-AF35-5084EC16B662"}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise:8.98.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7593CFCE-EF2C-4AE7-AEC5-CC2E472F8780"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}