{"api_version":"1","generated_at":"2026-04-23T01:31:34+00:00","cve":"CVE-2016-0442","urls":{"html":"https://cve.report/CVE-2016-0442","api":"https://cve.report/api/cve/CVE-2016-0442.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-0442","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-0442"},"summary":{"title":"CVE-2016-0442","description":"Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service.","state":"PUBLIC","assigner":"secalert_us@oracle.com","published_at":"2016-01-21 02:59:00","updated_at":"2016-12-07 18:30:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id/1034734","name":"1034734","refsource":"SECTRACK","tags":[],"title":"Oracle Enterprise Manager Grid Control Multiple Flaws Let Remote and Local Users Access Data, Modify Data, and Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","name":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Oracle Critical Patch Update - January 2016","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-0442","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0442","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"442","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"enterprise_manager_grid_control","cpe6":"12.1.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"442","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"enterprise_manager_grid_control","cpe6":"12.1.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"442","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"enterprise_manager_grid_control","cpe6":"12.1.0.4","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"442","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"enterprise_manager_grid_control","cpe6":"12.1.0.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secalert_us@oracle.com","ID":"CVE-2016-0442","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"name":"1034734","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1034734"}]}},"nvd":{"publishedDate":"2016-01-21 02:59:00","lastModifiedDate":"2016-12-07 18:30:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":6.5},"severity":"MEDIUM","exploitabilityScore":8,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.4:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:enterprise_manager_grid_control:12.1.0.5:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"442","Ordinal":"86001","Title":"CVE-2016-0442","CVE":"CVE-2016-0442","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"442","Ordinal":"1","NoteData":"Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control 12.1.0.4 and 12.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Loader Service.","Type":"Description","Title":null},{"CveYear":"2016","CveId":"442","Ordinal":"2","NoteData":"2016-01-20","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"442","Ordinal":"3","NoteData":"2016-12-05","Type":"Other","Title":"Modified"}]}}}