XML External Entity Vulnerability in Oracle E-Business Suite
CVE-2016-0457
Currently unrated
Summary
A vulnerability exists in the Application Mgmt Pack for E-Business Suite that permits remote attackers to compromise data confidentiality through the REST Framework. This vulnerability may allow unauthorized remote access to sensitive information by exploiting crafted XML requests, which can lead to arbitrary file reading and potential denial of service. The implications of this vulnerability include risks associated with server-side request forgery and SMB Relay attacks, highlighting the need for timely remediation.
References
Timeline
Vulnerability published
Vulnerability Reserved