CVE-2016-3444

{"id": "CVE-2016-3444", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-07-21T10:12:09.253", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91883", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036397", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Install."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Retail Integration Bus en Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1 y 15.0 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores relacionados con Install."}], "lastModified": "2017-09-01T01:29:08.960", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40AABFD3-1D0D-4C6B-BA9A-9DA70241B51C"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E696579-1823-48AA-AEF8-4FE2BFD006B3"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04DABF11-DF0B-4DBE-BE10-423B3A293193"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "563380F4-E1A8-48CF-A194-D79E89A5D00B"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE7DB324-98A0-40AD-96D4-0800340F6F3A"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42064F46-3012-4FB1-89BA-F13C2E4CBB6B"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}