CVE-2016-0635

{"id": "CVE-2016-0635", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2016-07-21T10:12:00.177", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91869", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036377", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036378", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036393", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036397", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1037640", "source": "secalert_us@oracle.com"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "source": "secalert_us@oracle.com"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/91869", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036377", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036378", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036393", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036397", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1037640", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Enterprise Manager OPS Center en Oracle Enterprise Manager Grid Control versiones 12.1.4, 12.2.2 y 12.3.2; el componente Oracle Health Sciences Information Manager en Oracle Health Sciences versiones 1.2.8.3, 2.0.2.3 y 3.0.1.0; el componente de Oracle Healthcare Master Person index en Oracle Health Sciences Applications versiones 2.0.12, 3.0.0 y 4.0.1; el componente Oracle Insurance Calculation Engine en Oracle Insurance Applications anterior a la versi\u00f3n 12.5; el componente Insurance Calculation Engine de Oracle en las Oracle Insurance Applications versiones 9.7.1, 10.1.2 y 10.2.2; la Insurance Policy Administration de Oracle versi\u00f3n J2EE y los componentes de Oracle Insurance Rules Palette in Oracle Insurance Applications versiones 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0 y 10.2.2; el componente Oracle Retail Integration Bus en Oracle Retail Applications versi\u00f3n 15.0; el componente Oracle Retail Order Broker en Oracle Retail Applications versiones 5.1, 5.2 y 15.0; el componente Primavera Contract Management en Oracle Primavera Products Suite 14.2; el componente de Primavera P6 Enterprise Project Portfolio Management en Oracle primavera Products Suite versiones 8.2, 8.3, 8.4, 15.1, 15.2 y 16,1; el componente Financial Services Analytical Applications Infrastructure de Oracle Financial Services Applications de Oracle Financial Services versiones 8.0.0, 8.0.1, 8.0.2 y 8.0.3; los componentes de Oracle Commerce Guided Search / Oracle Commerce Experience Manager en Oracle Commerce versiones 3.1.1, 3.1.2, 11.0, 11.1 y 11.2; el componente Oracle Agile PLM en Oracle Supply Chain Products Suite versiones 9.3.4 y 9.3.5; en Oracle Communications BRM - Elastic Charging Engine en las versiones 11.2.0.0.0 y 11.3.0.0.0; Oracle Enterprise Repository versi\u00f3n 12.1.3.0.0; en Oracle Financial Services Behavior Detection Platform versiones 8.0.1 y 8.0.2; en Oracle Hyperion Essbase versi\u00f3n 12.2.1.1; en Oracle Tuxedo System and Applications Monitor (TSAM) versiones 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0 y 12.2.2.0.0; el componente de Oracle Communications WebRTC Session Controller de la aplicaci\u00f3n Oracle Communications (subcomponente: seguridad (Spring)) versiones 7.0, 7.1 y 7.2; en Oracle Endeca Information Discovery Integrator versi\u00f3n 3.2; el componente Converged Commerce de Oracle Retail Applications 16.0.1; Oracle Identity Manager versi\u00f3n 11.1.2.3.0; en Oracle Enterprise Manager para MySQL Database versi\u00f3n 12.1.0.4; Oracle Retail Invoice Matching versiones 12.0, 13.0, 13.1, 13.2, 14.0 y 14.1; en Software Oracle Communications Performance Intelligence Center (PIC) anterior a la versi\u00f3n 10.2.1 y el componente Oracle Knowledge de Oracle Siebel CRM (subcomponente: AnswerFlow (Spring Framework)) versiones 8.5.1.0, 8.5.1.7 y 8.6.0 permite a los usuarios autenticados remotos afectar a la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos."}], "lastModified": "2024-11-21T02:42:03.553", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "01343D36-2216-41A3-9DFC-0C5DB51D4C99", "versionEndIncluding": "12.5"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA2CF507-AA3F-464C-88DF-71E30672E623"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BE12B6A4-E128-41EC-8017-558F50B961BE"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F8B45C6-A877-4317-BCE5-EF9E9542276A"}, {"criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:1.2.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "86137150-DCA9-48DF-AD0C-55A4F7D3755A"}, {"criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:2.0.2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07836763-D6DF-46BD-87BE-899A0E3CD67E"}, {"criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2298850C-D649-461F-8F7E-D835E431BA22"}, {"criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:2.0.12:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3E32AAFA-06B2-407A-A76F-1DC6145F0FF4"}, {"criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B5E573A7-4136-4AE5-B72B-B7F30E457A09"}, {"criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8AFE047-01DC-4F1F-A566-9734EE946068"}, {"criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:9.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "418B41F8-C9E9-4901-AE9F-9950530CE322"}, {"criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B8963C5-453B-4EEE-8897-36FCFD9E1BB8"}, {"criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34CDC297-3C72-451B-AC07-48E8C6078035"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D22E21FA-C87A-422F-8FF6-4CF618C3833A"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B33AD0F-9537-4E26-8148-C0B45B9CB311"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C24C6391-0C5F-4564-9D85-0097C5B52942"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2520FFA2-84B8-42DB-8A16-AB522AC946DC"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64D4B80E-2B67-4BDC-9A3A-7BFDA171016A"}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5082FFBD-F6DF-4EA8-9E39-0EC13DE72346"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:9.6.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A870C366-0E16-47BE-A432-ECE3BA7B8E96"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:9.7.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DAA2D4F-DBD8-4EE5-A727-5A3A596FF232"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD2725B9-A725-4C1C-8503-176A7B359402"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CBAE72BB-6697-46A5-B90F-E0CA400ABC85"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AEDF91E2-E7B5-40EE-B71F-C7D59F4021BD"}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1DCB15F-9481-4ACE-9751-6BF09404A2BE"}, {"criteria": "cpe:2.3:a:oracle:primavera_contract_management:14.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B349436-FAB2-4802-9189-ED6CAD96704C"}, {"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A56DC460-26F5-453E-A5BC-4C60AA3212EB"}, {"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A47BF03C-BF18-4477-9DBB-20EFEA53AFAB"}, {"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84BF6794-2CE6-407F-B8E0-81871AB7B40B"}, {"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93A4E178-0082-45C5-BBC0-0A4E51C8B1DE"}, {"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F021C23-AB9B-4877-833F-D01359A98762"}, {"criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2F8ED016-32A1-42EE-844E-3E6B2C116B74"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42064F46-3012-4FB1-89BA-F13C2E4CBB6B"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1805C8F-2487-436C-B1DE-5EBC5687F38E"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AA9A5354-415D-44F3-8B59-C2177D1244A1"}, {"criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B9763AF-282B-40C7-B35C-4CA8C22FDC76"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}