CVE-2014-2439

{"id": "CVE-2014-2439", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-04-16T02:55:16.397", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Oracle Secure Global Desktop (SGD) en Oracle Virtualization 5.0 y 5.1 permite a atacantes remotos afectar la confidencialidad y la integridad a trav\u00e9s de vectores desconocidos relacionados con Workspace Web Application."}], "lastModified": "2014-04-16T18:15:54.633", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:virtualization:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DF24BCA5-C701-4EA8-8789-0A40119AA38D"}, {"criteria": "cpe:2.3:a:oracle:virtualization:5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "36D5D497-72EB-4A5C-AD92-3C09AE5FD327"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}