Directory Traversal Vulnerability in Oracle Enterprise Manager Grid Control
CVE-2016-0481

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
21 January 2016

Summary

An unspecified vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Grid Control can be exploited by remote attackers to potentially compromise confidentiality. This vulnerability appears to relate to the Test Manager for Web Apps functionality. Notably, it may allow unauthorized access to sensitive files through directory traversal techniques in certain parameters, such as scheduleReportName. Oracle has acknowledged this issue, but specifics on the attack vectors remain undisclosed.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.