CVE-2016-3496

{"id": "CVE-2016-3496", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.0", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2016-07-21T10:12:49.040", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91887", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036406", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Enterprise Manager for Fusion Middleware en Oracle Enterprise Manager Grid Control 11.1.1.7 y 11.1.1.9 permite a atacantes remotos afectar la confidencialidad a trav\u00e9s de vectores relacionados con SOA Topology Viewer."}], "lastModified": "2017-09-01T01:29:11.177", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:11.1.1.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "55CD19AE-0EAF-481D-9678-D36E5A3A3629"}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:11.1.1.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6546ECC-EB6E-483B-843C-5E69E213C356"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}