CVE-2016-3461

{"id": "CVE-2016-3461", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:M/C:P/I:P/A:P", "authentication": "MULTIPLE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.2, "obtainUserPrivilege": false, "obtainOtherPrivilege": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2016-04-21T11:00:39.917", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1035606", "source": "secalert_us@oracle.com"}, {"url": "https://www.tenable.com/security/research/tra-2016-11", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente MySQL Enterprise Monitor en Oracle MySQL 3.0.25 y versiones anteriores y 3.1.2 y versiones anteriores permite a administradores remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con Monitoring: Server."}], "lastModified": "2017-11-03T01:29:02.670", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "115CF3EE-5B79-461B-8C75-76AF42E58908"}, {"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A6268735-A987-4295-98DD-A10301C41981"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}