Vulnerability in Oracle HTTP Server Component of Oracle Fusion Middleware
CVE-2016-0671

3.7LOW

Key Information:

Vendor: Oracle
Status: Http Server
Vendor: CVE Published:; 21 April 2016

What is CVE-2016-0671?

An unspecified vulnerability has been identified in the Oracle HTTP Server component of Oracle Fusion Middleware 12.1.2.0. This vulnerability could potentially be exploited by remote attackers to compromise the confidentiality of affected systems through specific vectors related to the OSSL Module. Organizations using this version should evaluate their security posture and consider applying the necessary updates to mitigate potential risks.

References

http://www.securitytracker.com/id/1035617

vdb-entryx_refsource_SECTRACK

http://www.oracle.com/technetwork/security-advisory/cpuap...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 21, 2016
Vulnerability Reserved
Dec 9, 2015