Lucene search

MicrofocusCVE-2016-5763

HistoryNov 15, 2016 - 7:30 p.m.

CVE-2016-5763

2016-11-1519:30:01

CWE-254

microfocus

web.nvd.nist.gov

cve-2016-5763

novell open enterprise server

oes2015

oes11

remote attack

unauthorized access

file modification

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.006

Percentile

79.2%

JSON

Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update 10991, OES11 SP2 before Scheduled Maintenance Update 10989) might allow authenticated remote attackers to perform unauthorized file access and modification.

Affected configurations

Nvd

Node

novellopen_enterprise_server_11sp2

novellopen_enterprise_server_11sp3

novellopen_enterprise_server_2015

novellopen_enterprise_server_2015sp1

VendorProductVersionCPE
novellopen_enterprise_server_11*cpe:2.3:a:novell:open_enterprise_server_11:*:sp2:*:*:*:*:*:*
novellopen_enterprise_server_11*cpe:2.3:a:novell:open_enterprise_server_11:*:sp3:*:*:*:*:*:*
novellopen_enterprise_server_2015*cpe:2.3:a:novell:open_enterprise_server_2015:*:*:*:*:*:*:*:*
novellopen_enterprise_server_2015*cpe:2.3:a:novell:open_enterprise_server_2015:*:sp1:*:*:*:*:*:*

Vendor	Product	Version	CPE
novell	open_enterprise_server_11	*	cpe:2.3:a:novell:open_enterprise_server_11::sp2::::::*
novell	open_enterprise_server_11	*	cpe:2.3:a:novell:open_enterprise_server_11::sp3::::::*
novell	open_enterprise_server_2015	*	cpe:2.3:a:novell:open_enterprise_server_2015::::::::
novell	open_enterprise_server_2015	*	cpe:2.3:a:novell:open_enterprise_server_2015::sp1::::::*

CNA Affected

[
  {
    "product": "Novell Open Enterprise Server 11 and 2015",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Novell Open Enterprise Server 11 and 2015"
      }
    ]
  }
]

References

download.novell.com/Download?buildid=3Ho1yp5JOXA~

download.novell.com/Download?buildid=dfqmrymc0Rg~

download.novell.com/Download?buildid=Fj0Hdns7mxA~

download.novell.com/Download?buildid=s9_RxhgC8KU~

www.securityfocus.com/bid/94348

CVSS2

6.4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:P/A:N

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

8.9

Confidence

High

EPSS

0.006

Percentile

79.2%

JSON

Related for CVE-2016-5763