{"api_version":"1","generated_at":"2026-05-13T12:21:27+00:00","cve":"CVE-2016-5457","urls":{"html":"https://cve.report/CVE-2016-5457","api":"https://cve.report/api/cve/CVE-2016-5457.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2016-5457","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2016-5457"},"summary":{"title":"CVE-2016-5457","description":"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.","state":"PUBLISHED","assigner":"oracle","published_at":"2016-07-21 10:15:13","updated_at":"2026-05-06 22:30:45"},"problem_types":["NVD-CWE-noinfo","n/a"],"metrics":[{"version":"3.0","source":"nvd@nist.gov","type":"Primary","score":"8.8","severity":"HIGH","vector":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","data":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"}},{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"9","severity":"","vector":"AV:N/AC:L/Au:S/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","name":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Oracle Critical Patch Update - July 2016","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/91995","name":"http://www.securityfocus.com/bid/91995","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Oracle Integrated Lights Out Manager CVE-2016-5457 Remote Security Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securityfocus.com/bid/91787","name":"http://www.securityfocus.com/bid/91787","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"],"title":"Oracle July 2016 Critical Patch Update Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://www.securitytracker.com/id/1036408","name":"http://www.securitytracker.com/id/1036408","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Sun Integrated Lights-Out Manager Multiple Bugs Let Remote Users Access and Modify Data, Deny Service, and Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2016-5457","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-5457","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2016","cve_id":"5457","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"oracle","cpe5":"integrated_lights_out_manager_firmware","cpe6":"3.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5457","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"oracle","cpe5":"integrated_lights_out_manager_firmware","cpe6":"3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2016","cve_id":"5457","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"oracle","cpe5":"integrated_lights_out_manager_firmware","cpe6":"3.2","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-06T01:01:00.489Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"1036408","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id/1036408"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"name":"91787","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/91787"},{"name":"91995","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/91995"}],"title":"CVE Program Container"},{"metrics":[{"other":{"content":{"id":"CVE-2016-5457","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","timestamp":"2024-10-11T19:52:47.384612Z","version":"2.0.3"},"type":"ssvc"}}],"providerMetadata":{"dateUpdated":"2024-10-11T20:37:10.085Z","orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP"},"title":"CISA ADP Vulnrichment"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2016-07-19T00:00:00.000Z","descriptions":[{"lang":"en","value":"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-31T09:57:01.000Z","orgId":"43595867-4340-4103-b7a2-9a5208d29a85","shortName":"oracle"},"references":[{"name":"1036408","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id/1036408"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"name":"91787","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/91787"},{"name":"91995","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/91995"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert_us@oracle.com","ID":"CVE-2016-5457","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"1036408","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1036408"},{"name":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html","refsource":"CONFIRM","url":"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"},{"name":"91787","refsource":"BID","url":"http://www.securityfocus.com/bid/91787"},{"name":"91995","refsource":"BID","url":"http://www.securityfocus.com/bid/91995"}]}}}},"cveMetadata":{"assignerOrgId":"43595867-4340-4103-b7a2-9a5208d29a85","assignerShortName":"oracle","cveId":"CVE-2016-5457","datePublished":"2016-07-21T10:00:00.000Z","dateReserved":"2016-06-16T00:00:00.000Z","dateUpdated":"2024-10-11T20:37:10.085Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2016-07-21 10:15:13","lastModifiedDate":"2026-05-06 22:30:45","problem_types":["NVD-CWE-noinfo","n/a"],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.0:*:*:*:*:*:*:*","matchCriteriaId":"F03D9357-7755-488D-80A2-F922CA4283DE"},{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.1:*:*:*:*:*:*:*","matchCriteriaId":"E7CEFD9F-B0CC-40E5-921F-34B354B465E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:oracle:integrated_lights_out_manager_firmware:3.2:*:*:*:*:*:*:*","matchCriteriaId":"F788EE61-2231-4364-869F-8E29321E4B67"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2016","CveId":"5457","Ordinal":"1","Title":"CVE-2016-5457","CVE":"CVE-2016-5457","Year":"2016"},"notes":[{"CveYear":"2016","CveId":"5457","Ordinal":"1","NoteData":"Unspecified vulnerability in the ILOM component in Oracle Sun Systems Products Suite 3.0, 3.1, and 3.2 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to LUMAIN.","Type":"Description","Title":"CVE-2016-5457"},{"CveYear":"2016","CveId":"5457","Ordinal":"2","NoteData":"2016-07-21","Type":"Other","Title":"Published"},{"CveYear":"2016","CveId":"5457","Ordinal":"3","NoteData":"2017-08-31","Type":"Other","Title":"Modified"}]}}}