CVE-2016-5581 - Vulnerability Details - OpenCVE

Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

No CVSS v4.0

No CVSS v3.1

Attack Vector Physical

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Oracle	Irecruitment

Configuration 1 [-]

OR	cpe:2.3:a:oracle:irecruitment:12.1.1:::::::*
	cpe:2.3:a:oracle:irecruitment:12.1.2:::::::*
	cpe:2.3:a:oracle:irecruitment:12.1.3:::::::*
	cpe:2.3:a:oracle:irecruitment:12.2.3:::::::*
	cpe:2.3:a:oracle:irecruitment:12.2.4:::::::*
	cpe:2.3:a:oracle:irecruitment:12.2.5:::::::*
	cpe:2.3:a:oracle:irecruitment:12.2.6:::::::*

No data.

References

Link	Providers
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.securityfocus.com/bid/93743
http://www.securitytracker.com/id/1037038

History

Fri, 11 Oct 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2016-10-25T14:00:00

Updated: 2024-10-10T18:23:29.189Z

Reserved: 2016-06-16T00:00:00

Link: CVE-2016-5581

Vulnrichment

Updated: 2024-08-06T01:07:57.889Z

NVD

Status : Deferred

Published: 2016-10-25T14:30:51.247

Modified: 2025-04-12T10:46:40.837

Link: CVE-2016-5581

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T09:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"name": "1037038", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037038"}, {"name": "93743", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93743"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-5581", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"name": "1037038", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037038"}, {"name": "93743", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93743"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:07:57.889Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"name": "1037038", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037038"}, {"name": "93743", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93743"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-10T17:46:41.265348Z", "id": "CVE-2016-5581", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T18:23:29.189Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-5581", "datePublished": "2016-10-25T14:00:00", "dateReserved": "2016-06-16T00:00:00", "dateUpdated": "2024-10-10T18:23:29.189Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-18T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-28T09:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"name": "1037038", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037038"}, {"name": "93743", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93743"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-5581", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"name": "1037038", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037038"}, {"name": "93743", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93743"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:07:57.889Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"name": "1037038", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037038"}, {"name": "93743", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93743"}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2016-5581", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-10T17:46:41.265348Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-10T17:47:21.385Z"}}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-5581", "datePublished": "2016-10-25T14:00:00", "dateReserved": "2016-06-16T00:00:00", "dateUpdated": "2024-10-10T18:23:29.189Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:irecruitment:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "9E767ED6-5599-4663-9251-45AFC09D8D79", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:irecruitment:12.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "BA56C655-9D22-4394-81FB-C282A57358DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:irecruitment:12.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "5A42173F-19DA-4C63-ADBE-AA9DD654EB7A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:irecruitment:12.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "CC6614C0-9109-4DF6-9F34-3BFFB8FDF649", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:irecruitment:12.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "03B748AA-5D80-43F3-AFD8-EE557B669CFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:irecruitment:12.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "CF7AA1BD-83C1-4FDE-A83F-E79523121E59", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:irecruitment:12.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "3DA3EAA9-A28C-422D-B7DB-420E36C0FB31", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 12.1.1 through 12.1.3 and 12.2.3 through 12.2.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle iRecruitment en Oracle E-Business Suite 12.1.1 hasta la versi\u00f3n 12.1.3 y 12.2.3 hasta la versi\u00f3n 12.2.6 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos."}], "id": "CVE-2016-5581", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 6.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 0.7, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-25T14:30:51.247", "references": [{"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/93743"}, {"source": "secalert_us@oracle.com", "url": "http://www.securitytracker.com/id/1037038"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/93743"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037038"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "nvd@nist.gov", "type": "Primary"}]}