Lucene search

[email protected]CVE-2016-5466

HistoryJul 21, 2016 - 10:15 a.m.

CVE-2016-5466

2016-07-2110:15:23

[email protected]

web.nvd.nist.gov

cve-2016-5466

oracle siebel crm

unspecified vulnerability

remote attackers

confidentiality

security weakness.

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

3.6 Low

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.9%

JSON

Unspecified vulnerability in the Siebel Core - Server Framework component in Oracle Siebel CRM 8.1.1, 8.2.2, IP2014, IP2015, and IP2016 allows remote attackers to affect confidentiality via vectors related to Services, a different vulnerability than CVE-2016-3450 and CVE-2016-5460.

Affected configurations

NVD

Node

oraclesiebel_core-server_frameworkMatch8.1.1

oraclesiebel_core-server_frameworkMatch8.2.2

oraclesiebel_core-server_frameworkMatch2014

oraclesiebel_core-server_frameworkMatch2015

oraclesiebel_core-server_frameworkMatch2016

CPENameOperatorVersion
oracle:siebel_core-server_frameworkoracle siebel core-server frameworkeq8.1.1
oracle:siebel_core-server_frameworkoracle siebel core-server frameworkeq8.2.2
oracle:siebel_core-server_frameworkoracle siebel core-server frameworkeq2014
oracle:siebel_core-server_frameworkoracle siebel core-server frameworkeq2015
oracle:siebel_core-server_frameworkoracle siebel core-server frameworkeq2016

CPE	Name	Operator	Version
oracle:siebel_core-server_framework	oracle siebel core-server framework	eq	8.1.1
oracle:siebel_core-server_framework	oracle siebel core-server framework	eq	8.2.2
oracle:siebel_core-server_framework	oracle siebel core-server framework	eq	2014
oracle:siebel_core-server_framework	oracle siebel core-server framework	eq	2015
oracle:siebel_core-server_framework	oracle siebel core-server framework	eq	2016

References

www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

www.securityfocus.com/bid/91787

www.securityfocus.com/bid/91970

www.securitytracker.com/id/1036400

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

3.6 Low

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.9%

JSON

Related for CVE-2016-5466

cvelist3 nvd3 prion3 cve2 oracle1