{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T17:47:44.347","vulnerabilities":[{"cve":{"id":"CVE-2019-2395","sourceIdentifier":"secalert_us@oracle.com","published":"2019-01-16T19:30:30.687","lastModified":"2024-11-21T04:40:47.247","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 5.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L)."},{"lang":"es","value":"Vulnerabilidad en el componente Oracle WebLogic Server de Oracle Fusion Middleware (subcomponente: WLS- Web Services). La versión compatible afectada es la 10.3.6.0. Esta vulnerabilidad fácilmente explotable permite que un atacante con pocos privilegios con acceso en red via HTTP comprometa la seguridad de Oracle WebLogic Server. Los ataques exitosos a esta vulnerabilidad pueden resultar en un acceso de lectura sin autorización de un subconjunto de datos accesibles de Oracle WebLogic Server. Además, esto podría dar lugar a que el atacante consiga provocar una denegación de servicio parcial (DoS parcial) de Oracle WebLogic Server. CVSS 3.0 Base Score 5.4 (Impactos de confidencialidad y disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":2.8,"impactScore":2.5}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:P","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:weblogic_server:10.3.6.0:*:*:*:*:*:*:*","matchCriteriaId":"0ABB9BAD-9BBD-4B2D-A0ED-7898812B9446"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/106585","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/106585","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}