{"api_version":"1","generated_at":"2026-04-22T19:34:56+00:00","cve":"CVE-2016-0500","urls":{"html":"https://cve.report/CVE-2016-0500","api":"https://cve.report/api/cve/CVE-2016-0500.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-0500","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-0500"},"summary":{"title":"CVE-2016-0500","description":"Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration.","state":"PUBLIC","assigner":"secalert_us@oracle.com","published_at":"2016-01-21 03:00:00","updated_at":"2016-06-08 17:31:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"http://www.securitytracker.com/id/1034718","name":"1034718","refsource":"SECTRACK","tags":[],"title":"Oracle Retail Applications Multiple Flaws Let Remote and Local Users Access and Modify Data and Let Remote Users Deny Service - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","name":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","refsource":"CONFIRM","tags":["Vendor Advisory"],"title":"Oracle Critical Patch Update - January 2016","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-0500","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0500","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"500","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_order_broker_cloud_service","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"500","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_order_broker_cloud_service","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"500","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_order_broker_cloud_service","cpe6":"4.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"500","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"oracle","cpe5":"retail_order_broker_cloud_service","cpe6":"4.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secalert_us@oracle.com","ID":"CVE-2016-0500","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"name":"1034718","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1034718"}]}},"nvd":{"publishedDate":"2016-01-21 03:00:00","lastModifiedDate":"2016-06-08 17:31:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:P/A:P","accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL","baseScore":7.5},"severity":"HIGH","exploitabilityScore":10,"impactScore":6.4,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_order_broker_cloud_service:4.1:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:oracle:retail_order_broker_cloud_service:4.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"500","Ordinal":"86059","Title":"CVE-2016-0500","CVE":"CVE-2016-0500","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"500","Ordinal":"1","NoteData":"Unspecified vulnerability in the Oracle Retail Order Broker Cloud Service component in Oracle Retail Applications 4.0 and 4.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to System Administration.","Type":"Description","Title":null},{"CveYear":"2016","CveId":"500","Ordinal":"2","NoteData":"2016-01-20","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"500","Ordinal":"3","NoteData":"2016-06-01","Type":"Other","Title":"Modified"}]}}}