Lucene search

[email protected]CVE-2016-0496

HistoryJan 21, 2016 - 3:00 a.m.

CVE-2016-0496

2016-01-2103:00:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

oracle

retail applications

micros cwdirect

remote attack

confidentiality

cve-2016-0496

nvd

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

64.9%

JSON

Unspecified vulnerability in the MICROS CWDirect component in Oracle Retail Applications 12.5, 13.0, 14.0, 15.0, 16.0, 17.0, and 18.0 allows remote attackers to affect confidentiality via unknown vectors related to Order Entry.

CPENameOperatorVersion
oracle:micros_cwdirectoracle micros cwdirecteq13.0
oracle:micros_cwdirectoracle micros cwdirecteq18.0
oracle:micros_cwdirectoracle micros cwdirecteq14.0
oracle:micros_cwdirectoracle micros cwdirecteq16.0
oracle:micros_cwdirectoracle micros cwdirecteq12.5
oracle:micros_cwdirectoracle micros cwdirecteq15.0
oracle:micros_cwdirectoracle micros cwdirecteq17.0

CPE	Name	Operator	Version
oracle:micros_cwdirect	oracle micros cwdirect	eq	13.0
oracle:micros_cwdirect	oracle micros cwdirect	eq	18.0
oracle:micros_cwdirect	oracle micros cwdirect	eq	14.0
oracle:micros_cwdirect	oracle micros cwdirect	eq	16.0
oracle:micros_cwdirect	oracle micros cwdirect	eq	12.5
oracle:micros_cwdirect	oracle micros cwdirect	eq	15.0
oracle:micros_cwdirect	oracle micros cwdirect	eq	17.0

References

www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

www.securitytracker.com/id/1034718

6.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.003 Low

EPSS

Percentile

64.9%

JSON

Related for CVE-2016-0496

prion1 cvelist1 oracle1