XML External Entity Vulnerability in Oracle E-Business Suite
CVE-2016-0457

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
21 January 2016

Summary

A vulnerability exists in the Application Mgmt Pack for E-Business Suite that permits remote attackers to compromise data confidentiality through the REST Framework. This vulnerability may allow unauthorized remote access to sensitive information by exploiting crafted XML requests, which can lead to arbitrary file reading and potential denial of service. The implications of this vulnerability include risks associated with server-side request forgery and SMB Relay attacks, highlighting the need for timely remediation.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.