Directory Traversal Vulnerability in Oracle Enterprise Manager Grid Control
CVE-2016-0481
Currently unrated
Key Information:
- Vendor
- Oracle
- Vendor
- CVE Published:
- 21 January 2016
Summary
An unspecified vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Grid Control can be exploited by remote attackers to potentially compromise confidentiality. This vulnerability appears to relate to the Test Manager for Web Apps functionality. Notably, it may allow unauthorized access to sensitive files through directory traversal techniques in certain parameters, such as scheduleReportName. Oracle has acknowledged this issue, but specifics on the attack vectors remain undisclosed.
References
Timeline
Vulnerability published
Vulnerability Reserved