CVE-2016-5468

{"id": "CVE-2016-5468", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2016-07-21T10:15:25.507", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91973", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036400", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Siebel UI Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality and integrity via vectors related to EAI, a different vulnerability than CVE-2016-5451."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Siebel UI Framework en Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015 e IP2016 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a trav\u00e9s de vectores relacionados con EAI, una vulnerabilidad diferente a CVE-2016-5451."}], "lastModified": "2017-09-01T01:29:30.787", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:8.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3548AC23-D3AF-4202-9F87-C9A29A56B376"}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:8.2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14EF3E4D-FC8E-446B-A2FD-621A20578ED2"}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:2014:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3B95DDDC-735E-46DA-8975-4C6C7B8C2012"}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:2015:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "888FB996-71B2-47F4-A98F-54DF8E88B067"}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:2016:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D39F613D-E2B6-4ECE-A3A6-3C4E7DC7503A"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}