CVE-2015-2570

{"id": "CVE-2015-2570", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-04-16T17:00:03.440", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/74116", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1032124", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/74116", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1032124", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Demand Planning component in Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, and 12.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Security."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Demand Planning en Oracle Supply Chain Products Suite 11.5.10, 12.0, 12.1, y 12.2 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con la seguridad."}], "lastModified": "2025-04-12T10:46:40.837", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:11.5.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F6E1B337-32CA-4ED1-A127-7F2B53C9813A"}, {"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:12.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "173EFE11-9648-4C93-B50A-2538CB567F45"}, {"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:12.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "77BCA159-6DD6-441B-B96F-E330B77EEF90"}, {"criteria": "cpe:2.3:a:oracle:supply_chain_products_suite:12.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CAEB4A10-2A90-4D84-BF63-3C84C7D7DC64"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}