fkie_cve-2016-0635
Vulnerability from fkie_nvd
Published
2016-07-21 10:12
Modified
2025-04-12 10:46
Severity ?
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
References
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Vendor Advisory
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
secalert_us@oracle.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
secalert_us@oracle.comhttp://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
secalert_us@oracle.comhttp://www.securityfocus.com/bid/91869
secalert_us@oracle.comhttp://www.securitytracker.com/id/1036377
secalert_us@oracle.comhttp://www.securitytracker.com/id/1036378
secalert_us@oracle.comhttp://www.securitytracker.com/id/1036393
secalert_us@oracle.comhttp://www.securitytracker.com/id/1036397
secalert_us@oracle.comhttp://www.securitytracker.com/id/1037640
secalert_us@oracle.comhttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
secalert_us@oracle.comhttps://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91787Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/91869
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036377
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036378
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036393
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1036397
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1037640
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Impacted products
Vendor Product Version
oracle documaker *
oracle enterprise_manager_ops_center 12.1.4
oracle enterprise_manager_ops_center 12.2.2
oracle enterprise_manager_ops_center 12.3.2
oracle health_sciences_information_manager 1.2.8.3
oracle health_sciences_information_manager 2.0.2.3
oracle health_sciences_information_manager 3.0.1.0
oracle healthcare_master_person_index 2.0.12
oracle healthcare_master_person_index 3.0.0
oracle healthcare_master_person_index 4.0.1
oracle insurance_calculation_engine 9.7.1
oracle insurance_calculation_engine 10.1.2
oracle insurance_calculation_engine 10.2.2
oracle insurance_policy_administration_j2ee 9.6.1
oracle insurance_policy_administration_j2ee 9.7.1
oracle insurance_policy_administration_j2ee 10.0.1
oracle insurance_policy_administration_j2ee 10.1.2
oracle insurance_policy_administration_j2ee 10.2.0
oracle insurance_policy_administration_j2ee 10.2.2
oracle insurance_rules_palette 9.6.1
oracle insurance_rules_palette 9.7.1
oracle insurance_rules_palette 10.0.1
oracle insurance_rules_palette 10.1.2
oracle insurance_rules_palette 10.2.0
oracle insurance_rules_palette 10.2.2
oracle primavera_contract_management 14.2
oracle primavera_p6_enterprise_project_portfolio_management 8.2
oracle primavera_p6_enterprise_project_portfolio_management 8.3
oracle primavera_p6_enterprise_project_portfolio_management 8.4
oracle primavera_p6_enterprise_project_portfolio_management 15.1
oracle primavera_p6_enterprise_project_portfolio_management 15.2
oracle primavera_p6_enterprise_project_portfolio_management 16.1
oracle retail_integration_bus 15.0
oracle retail_order_broker_cloud_service 5.1
oracle retail_order_broker_cloud_service 5.2
oracle retail_order_broker_cloud_service 15.0


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:documaker:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "01343D36-2216-41A3-9DFC-0C5DB51D4C99",
              "versionEndIncluding": "12.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA2CF507-AA3F-464C-88DF-71E30672E623",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE12B6A4-E128-41EC-8017-558F50B961BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8B45C6-A877-4317-BCE5-EF9E9542276A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:1.2.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "86137150-DCA9-48DF-AD0C-55A4F7D3755A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:2.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "07836763-D6DF-46BD-87BE-899A0E3CD67E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:health_sciences_information_manager:3.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2298850C-D649-461F-8F7E-D835E431BA22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:2.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E32AAFA-06B2-407A-A76F-1DC6145F0FF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:3.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E573A7-4136-4AE5-B72B-B7F30E457A09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:healthcare_master_person_index:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8AFE047-01DC-4F1F-A566-9734EE946068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "418B41F8-C9E9-4901-AE9F-9950530CE322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B8963C5-453B-4EEE-8897-36FCFD9E1BB8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "34CDC297-3C72-451B-AC07-48E8C6078035",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D22E21FA-C87A-422F-8FF6-4CF618C3833A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B33AD0F-9537-4E26-8148-C0B45B9CB311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C24C6391-0C5F-4564-9D85-0097C5B52942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2520FFA2-84B8-42DB-8A16-AB522AC946DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "64D4B80E-2B67-4BDC-9A3A-7BFDA171016A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_policy_administration_j2ee:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5082FFBD-F6DF-4EA8-9E39-0EC13DE72346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:9.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A870C366-0E16-47BE-A432-ECE3BA7B8E96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:9.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DAA2D4F-DBD8-4EE5-A727-5A3A596FF232",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD2725B9-A725-4C1C-8503-176A7B359402",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBAE72BB-6697-46A5-B90F-E0CA400ABC85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEDF91E2-E7B5-40EE-B71F-C7D59F4021BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1DCB15F-9481-4ACE-9751-6BF09404A2BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_contract_management:14.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B349436-FAB2-4802-9189-ED6CAD96704C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A56DC460-26F5-453E-A5BC-4C60AA3212EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A47BF03C-BF18-4477-9DBB-20EFEA53AFAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "84BF6794-2CE6-407F-B8E0-81871AB7B40B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "93A4E178-0082-45C5-BBC0-0A4E51C8B1DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:15.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "3F021C23-AB9B-4877-833F-D01359A98762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:primavera_p6_enterprise_project_portfolio_management:16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F8ED016-32A1-42EE-844E-3E6B2C116B74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42064F46-3012-4FB1-89BA-F13C2E4CBB6B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1805C8F-2487-436C-B1DE-5EBC5687F38E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA9A5354-415D-44F3-8B59-C2177D1244A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:retail_order_broker_cloud_service:15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B9763AF-282B-40C7-B35C-4CA8C22FDC76",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Enterprise Manager Ops Center component in Oracle Enterprise Manager Grid Control 12.1.4, 12.2.2, and 12.3.2; the Oracle Health Sciences Information Manager component in Oracle Health Sciences Applications 1.2.8.3, 2.0.2.3, and 3.0.1.0; the Oracle Healthcare Master Person Index component in Oracle Health Sciences Applications 2.0.12, 3.0.0, and 4.0.1; the Oracle Documaker component in Oracle Insurance Applications before 12.5; the Oracle Insurance Calculation Engine component in Oracle Insurance Applications 9.7.1, 10.1.2, and 10.2.2; the Oracle Insurance Policy Administration J2EE and Oracle Insurance Rules Palette components in Oracle Insurance Applications 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0, and 10.2.2; the Oracle Retail Integration Bus component in Oracle Retail Applications 15.0; the Oracle Retail Order Broker component in Oracle Retail Applications 5.1, 5.2, and 15.0; the Primavera Contract Management component in Oracle Primavera Products Suite 14.2; the Primavera P6 Enterprise Project Portfolio Management component in Oracle Primavera Products Suite 8.2, 8.3, 8.4, 15.1, 15.2, and 16.1; the Oracle Financial Services Analytical Applications Infrastructure component in Oracle Financial Services Applications 8.0.0, 8.0.1, 8.0.2, and 8.0.3; the Oracle Commerce Guided Search / Oracle Commerce Experience Manager component in Oracle Commerce 3.1.1, 3.1.2, 11.0, 11.1, and 11.2; the Oracle Agile PLM component in Oracle Supply Chain Products Suite 9.3.4 and 9.3.5; the Oracle Communications BRM - Elastic Charging Engine 11.2.0.0.0 and 11.3.0.0.0; the Oracle Enterprise Repository Enterprise Repository 12.1.3.0.0; the Oracle Financial Services Behavior Detection Platform 8.0.1 and 8.0.2; the Oracle Hyperion Essbase 12.2.1.1; the Oracle Tuxedo System and Applications Monitor (TSAM) 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0, and 12.2.2.0.0; the Oracle Communications WebRTC Session Controller component of Oracle Communications Applications (subcomponent: Security (Spring)) 7.0, 7.1 and 7.2; the Oracle Endeca Information Discovery Integrator 3.2; the Converged Commerce component of Oracle Retail Applications 16.0.1; the Oracle Identity Manager 11.1.2.3.0; Oracle Enterprise Manager for MySQL Database 12.1.0.4; Oracle Retail Invoice Matching 12.0, 13.0, 13.1, 13.2, 14.0, and 14.1; Oracle Communications Performance Intelligence Center (PIC) Software Prior to 10.2.1 and the Oracle Knowledge component of Oracle Siebel CRM (subcomponent: AnswerFlow (Spring Framework)) version 8.5.1.0 - 8.5.1.7 and 8.6.0 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente Enterprise Manager OPS Center en Oracle Enterprise Manager Grid Control versiones 12.1.4, 12.2.2 y 12.3.2; el componente Oracle Health Sciences Information Manager en Oracle Health Sciences versiones 1.2.8.3, 2.0.2.3 y 3.0.1.0; el componente de Oracle Healthcare Master Person index en Oracle Health Sciences Applications versiones 2.0.12, 3.0.0 y 4.0.1; el componente Oracle Insurance Calculation Engine en Oracle Insurance Applications anterior a la versi\u00f3n 12.5; el componente Insurance Calculation Engine de Oracle en las Oracle Insurance Applications versiones 9.7.1, 10.1.2 y 10.2.2; la Insurance Policy Administration de Oracle versi\u00f3n J2EE y los componentes de Oracle Insurance Rules Palette in Oracle Insurance Applications versiones 9.6.1, 9.7.1, 10.0.1, 10.1.2, 10.2.0 y 10.2.2; el componente Oracle Retail Integration Bus en Oracle Retail Applications versi\u00f3n 15.0; el componente Oracle Retail Order Broker en Oracle Retail Applications versiones 5.1, 5.2 y 15.0; el componente Primavera Contract Management en Oracle Primavera Products Suite 14.2; el componente de Primavera P6 Enterprise Project Portfolio Management en Oracle primavera Products Suite versiones 8.2, 8.3, 8.4, 15.1, 15.2 y 16,1; el componente Financial Services Analytical Applications Infrastructure  de Oracle Financial Services Applications de Oracle Financial Services versiones 8.0.0, 8.0.1, 8.0.2 y 8.0.3; los componentes de Oracle Commerce Guided Search / Oracle Commerce Experience Manager en Oracle Commerce versiones 3.1.1, 3.1.2, 11.0, 11.1 y 11.2; el componente Oracle Agile PLM en Oracle Supply Chain Products Suite versiones 9.3.4 y 9.3.5; en Oracle Communications BRM - Elastic Charging Engine en las versiones 11.2.0.0.0 y 11.3.0.0.0; Oracle Enterprise Repository versi\u00f3n 12.1.3.0.0; en Oracle Financial Services Behavior Detection Platform versiones 8.0.1 y 8.0.2; en Oracle Hyperion Essbase versi\u00f3n 12.2.1.1; en Oracle Tuxedo System and Applications Monitor (TSAM) versiones 11.1.1.2.0, 11.1.1.2.1, 11.1.1.2.1, 12.1.1.1.0, 12.1.3.0.0 y 12.2.2.0.0; el componente de Oracle Communications WebRTC Session Controller de la aplicaci\u00f3n Oracle Communications (subcomponente: seguridad (Spring)) versiones 7.0, 7.1 y 7.2; en Oracle Endeca Information Discovery Integrator versi\u00f3n 3.2; el componente Converged Commerce de Oracle Retail Applications 16.0.1; Oracle Identity Manager versi\u00f3n 11.1.2.3.0; en Oracle Enterprise Manager para MySQL Database versi\u00f3n 12.1.0.4; Oracle Retail Invoice Matching versiones 12.0, 13.0, 13.1, 13.2, 14.0 y 14.1; en Software Oracle Communications Performance Intelligence Center (PIC) anterior a la versi\u00f3n 10.2.1 y el componente Oracle Knowledge de Oracle Siebel CRM (subcomponente: AnswerFlow (Spring Framework)) versiones 8.5.1.0, 8.5.1.7 y 8.6.0 permite a los usuarios autenticados remotos afectar a la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos."
    }
  ],
  "id": "CVE-2016-0635",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-21T10:12:00.177",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securityfocus.com/bid/91869"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id/1036377"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id/1036378"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id/1036393"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id/1036397"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id/1037640"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/91869"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036378"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036393"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1037640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.