Lucene search

[email protected]NVD:CVE-2016-3472

HistoryJul 21, 2016 - 10:12 a.m.

CVE-2016-3472

2016-07-2110:12:26

[email protected]

web.nvd.nist.gov

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

5.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

0.001

Percentile

47.0%

JSON

Unspecified vulnerability in the Siebel Engineering - Installer and Deployment component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote authenticated users to affect confidentiality via vectors related to Web Server.

Affected configurations

Nvd

Node

oraclesiebel_engineering-installer_and_deploymentMatch8.1.1

oraclesiebel_engineering-installer_and_deploymentMatch8.2.2

oraclesiebel_engineering-installer_and_deploymentMatch2014

oraclesiebel_engineering-installer_and_deploymentMatch2015

oraclesiebel_engineering-installer_and_deploymentMatch2016

VendorProductVersionCPE
oraclesiebel_engineering-installer_and_deployment8.1.1cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:8.1.1:*:*:*:*:*:*:*
oraclesiebel_engineering-installer_and_deployment8.2.2cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:8.2.2:*:*:*:*:*:*:*
oraclesiebel_engineering-installer_and_deployment2014cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:2014:*:*:*:*:*:*:*
oraclesiebel_engineering-installer_and_deployment2015cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:2015:*:*:*:*:*:*:*
oraclesiebel_engineering-installer_and_deployment2016cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:2016:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	siebel_engineering-installer_and_deployment	8.1.1	cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:8.1.1:::::::*
oracle	siebel_engineering-installer_and_deployment	8.2.2	cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:8.2.2:::::::*
oracle	siebel_engineering-installer_and_deployment	2014	cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:2014:::::::*
oracle	siebel_engineering-installer_and_deployment	2015	cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:2015:::::::*
oracle	siebel_engineering-installer_and_deployment	2016	cpe:2.3:a:oracle:siebel_engineering-installer_and_deployment:2016:::::::*

References

www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

www.securityfocus.com/bid/91787

www.securityfocus.com/bid/91978

www.securitytracker.com/id/1036400

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

5.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

AI Score

4.3

Confidence

High

EPSS

0.001

Percentile

47.0%

JSON

Related for NVD:CVE-2016-3472

cvelist1 cve1 prion1 oracle1