CVE-2016-5476

{"id": "CVE-2016-5476", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.7, "exploitabilityScore": 2.8}]}, "published": "2016-07-21T10:15:33.917", "references": [{"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/91897", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1036397", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/91787", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/91897", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1036397", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1, and 15.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to Install."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Retail Integration Bus en Oracle Retail Applications 13.0, 13.1, 13.2, 14.0, 14.1 y 15.0 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores relacionados con Install."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40AABFD3-1D0D-4C6B-BA9A-9DA70241B51C"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E696579-1823-48AA-AEF8-4FE2BFD006B3"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:13.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04DABF11-DF0B-4DBE-BE10-423B3A293193"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "563380F4-E1A8-48CF-A194-D79E89A5D00B"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE7DB324-98A0-40AD-96D4-0800340F6F3A"}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "42064F46-3012-4FB1-89BA-F13C2E4CBB6B"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}