{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T02:39:45.558","vulnerabilities":[{"cve":{"id":"CVE-2019-2570","sourceIdentifier":"secalert_us@oracle.com","published":"2019-04-23T19:32:48.787","lastModified":"2024-11-21T04:41:07.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the Siebel Core - Server BizLogic Script component of Oracle Siebel CRM (subcomponent: Integration - Scripting). The supported version that is affected is 19.3. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Siebel Core - Server BizLogic Script. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Siebel Core - Server BizLogic Script accessible data as well as unauthorized read access to a subset of Siebel Core - Server BizLogic Script accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Siebel Core - Server BizLogic Script. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L)."},{"lang":"es","value":"Vulnerabilidad en el componente Server BizLogic Script en Siebel Core de Oracle Siebel CRM (subcomponente: Integration - Scripting). La versión compatible que se ve afectada es la 19.3. Vulnerabilidad de fácil explotación que permite a un atacante muy privilegio con acceso a la red por medio de HTTP comprometer a Siebel Core - Server BizLogic Script. Los ataques con éxito  de esta vulnerabilidad pueden dar lugar a actualizaciones no autorizadas, insertar o eliminar el acceso a algunos de los datos accesibles de Siebel Core - Server BizLogic Script, así como el acceso no autorizado de lectura a un subconjunto de Siebel Core - Server BizLogic Script y la posibilidad no autorizada de generar una Denegación de Servicio parcial (partial DOS) de Siebel Core - Server BizLogic Script. CVSS versión 3.0 Puntuación Base 4.7 (Impactos de confidencialidad, integridad y disponibilidad). Vector CVSS:(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.2,"impactScore":3.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:siebel_crm:19.3:*:*:*:*:*:*:*","matchCriteriaId":"B1DB824E-1067-48CF-A38E-1DF1A9E1CCA2"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}