CVE-2010-4437

{"id": "CVE-2010-4437", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-01-19T17:00:02.203", "references": [{"url": "http://osvdb.org/70571", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/42975", "source": "secalert_us@oracle.com"}, {"url": "http://securityreason.com/securityalert/8126", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/45852", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id?1024981", "source": "secalert_us@oracle.com"}, {"url": "http://www.vupen.com/english/advisories/2011/0143", "source": "secalert_us@oracle.com"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/64764", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionados con el Servlet Container."}], "lastModified": "2017-08-17T01:33:11.807", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:fusion_middleware:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1772787A-DA11-413E-8B82-93074C325EF4"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:9.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA7DFF34-F1BC-4CB1-8D68-CDEAC454F856"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:9.2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A70B39C4-DA43-4635-BF95-6FA9780B4F32"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:10.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "66F77B48-8DD3-4067-96CF-F7F8A92E03AA"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:10.3.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17575FE2-9B9B-434A-AD6B-8FFACB73A30C"}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware:10.3.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93EFBC67-F1C0-4256-BB08-17A3BCFE9CE2"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}