CVE-2016-3504

{"id": "CVE-2016-3504", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2016-07-21T10:12:57.557", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/92023", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036370", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/92023", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036370", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle JDeveloper en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 y 12.2.1.0.0 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores relacionados con ADF Faces."}], "lastModified": "2024-11-21T02:50:09.170", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07EF593B-376C-4367-B9FB-1F429062576C"}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7506589-9B3B-49BA-B826-774BFDCC45B8"}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.2.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2B70A973-A5C5-4E51-B93C-C22888E24FF1"}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "042C243F-EDFE-4A04-AB0B-26E73CC34837"}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "204CEEBC-3D7C-483D-99D6-264EEFAE968C"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}